论文信息 - Design and Evaluation of a Spark Gap Based EM-fault Injection Setup

Design and Evaluation of a Spark Gap Based EM-fault Injection Setup

The rapid and widespread deployment of electronic devices operating in the field is bringing security issues into the spotlight. Fault injection, for instance, is a class of attacks that allows adversaries to bypass security-related capabilities by tampering with the normal functioning of a device. In this paper we describe a setup capable of faulting integrated circuits by exposing them to a pulsed magnetic field. The magnetic field is generated by discharging a pulse forming network made from a transmission line over an injection probe. The discharge is triggered by a spark gap based switch. We describe the mechanisms behind the different circuit components and evaluate the performance of the setup in practice. To the best of our knowledge, this is the first time a spark gap switch is used to build an electromagnetic (EM) pulse fault injection setup.

Josep Balasch | Arthur Beckers | Yuichi Hayashi | Masahiro Kinugawa | Ingrid Verbauwhede

[1] Ang Cui,et al. BADFET: Defeating Modern Secure Boot Using Second-Order Pulsed Electromagnetic Fault Injection , 2017, WOOT.

[2] Josep Balasch,et al. Design and validation of a platform for electromagnetic fault injection , 2017, 2017 32nd Conference on Design of Circuits and Integrated Systems (DCIS).

[3] P. Maurine,et al. Magnetic microprobe design for EM fault attack , 2013, 2013 International Symposium on Electromagnetic Compatibility.

[4] Josep Balasch,et al. Design Considerations for EM Pulse Fault Injection , 2019, CARDIS.

[5] Jean-Max Dutertre,et al. Evidence of a Larger EM-Induced Fault Model , 2014, CARDIS.

[6] Jean-Jacques Quisquater,et al. Fault Attacks for CRT Based RSA: New Attacks, New Results, and New Countermeasures , 2007, WISTP.

[7] Ross J. Anderson,et al. Optical Fault Induction Attacks , 2002, CHES.

[8] Ingrid Verbauwhede,et al. An In-depth and Black-box Characterization of the Effects of Clock Glitches on 8-bit MCUs , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[9] Richard J. Lipton,et al. On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[10] David Naccache,et al. The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[11] J. Randall,et al. Pulse Generators , 1948, Nature.