论文信息 - JTAG Combined Attack - Another Approach for Fault Injection

JTAG Combined Attack - Another Approach for Fault Injection

The combined attacks are widely spread in the domain of smart cards and microcontrollers but they have not been yet democratized on System on chip (SoC) such as those that can be found in smart phones, tablets and automotive systems. The main reason behind this is the complexity to inject a fault at the right place and at the right time to make these attacks effective on such devices. However for development and debug, these devices provide new tools that could be considered as potential attacks path. It's the case of the JTAG debug tool which is present on today most electronic devices. The improper use of this latter is already known but in this paper we present a new misuse of this one: the JTAG as a fault injection tool. Through an example, we explain how this tool can be used to perform a combined attack.

[1] Richard J. Lipton,et al. On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[2] L. Futcher,et al. IFIP – The International Federation for Information Processing , 2013 .

[3] Israel Koren,et al. Workshop on fault diagnosis and tolerance in cryptography , 2004, International Conference on Dependable Systems and Networks, 2004.

[4] David Naccache,et al. The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[5] Ahmad-Reza Sadeghi,et al. Privilege Escalation Attacks on Android , 2010, ISC.

[6] Guillaume Barbu,et al. Attacks on Java Card 3.0 Combining Fault and Logical Attacks , 2010, CARDIS.

[7] Eric Vétillard,et al. Combined Attacks and Countermeasures , 2010, CARDIS.

[8] Ramesh Karri,et al. Attacks and Defenses for JTAG , 2010, IEEE Design & Test of Computers.

[9] Sergei Skorobogatov,et al. Breakthrough Silicon Scanning Discovers Backdoor in Military Chip , 2012, CHES.

[10] Collin Mulliner,et al. Android Hacker's Handbook , 2014 .

[11] Michael Tunstall,et al. SoC It to EM: ElectroMagnetic Side-Channel Attacks on a Complex System-on-Chip , 2015, CHES.

[12] Philippe Maurine,et al. EM Injection: Fault Model and Locality , 2015, 2015 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC).