A fully-digital EM pulse detector

ElectroMagnetic Pulse Injection (EMPI) has recently been demonstrated to be an efficient fault injection technique with many advantages especially when considering security issues of Systems on Chip (SoC) embedded on ball grid array packages, i.e. when adversaries do not have an easy access to the backside. EMPI must therefore be considered as a real threat against smartcards and SoC from now on. Among the usual countermeasures against fault attacks, one can identify the use of embedded sensors. If one can find voltage glitch or laser shot detectors in the literature, there is only one proposal which puts forward the idea of detecting ElectroMagnetic Pulse (EMP). However, this former sensor requires a fine tuning of some timing characteristics and, as a result, its use appears complex and even impractical within a SoC which are heterogeneous by nature and designed by worldwide teams. Within this context, this paper introduces and experimentally validates a new sensor allowing to detect EMP. Because the sensor is fully digital, it is low cost and above all fully compliant with the standard design flow of SoC.

[1]  Bruno Robisson,et al.  Local and Direct EM Injection of Power Into CMOS Integrated Circuits , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[2]  Luis Parrilla,et al.  Ring oscillators as thermal sensors in FPGAs: Experiments in low voltage , 2010, 2010 VI Southern Programmable Logic Conference (SPL).

[3]  Lilian Bossuet,et al.  Random Number Generation: a potential target of electromagnetic emanation analysis? , 2011 .

[4]  Philippe Maurine Techniques for EM Fault Injection: Equipments and Experimental Results , 2012, 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[5]  Jean-Max Dutertre,et al.  Evidence of a Larger EM-Induced Fault Model , 2014, CARDIS.

[6]  Jean-Max Dutertre,et al.  Efficiency of a glitch detector against electromagnetic fault injection , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[7]  Michael Hutter,et al.  Optical and EM Fault-Attacks on CRT-based RSA : Concrete Results , 2007 .

[8]  Ross J. Anderson,et al.  On a new way to read data from memory , 2002, First International IEEE Security in Storage Workshop, 2002. Proceedings..

[9]  Tughrul Arslan,et al.  Detecting Voltage Glitch Attacks on Secure Devices , 2008, 2008 Bio-inspired, Learning and Intelligent Systems for Security.

[10]  Narayanan Vijaykrishnan,et al.  Power attack resistant cryptosystem design: a dynamic voltage and frequency switching approach , 2005, Design, Automation and Test in Europe.

[11]  Philippe Maurine,et al.  Voltage Spikes on the Substrate to Obtain Timing Faults , 2013, 2013 Euromicro Conference on Digital System Design.

[12]  Philippe Maurine,et al.  EM Injection: Fault Model and Locality , 2015, 2015 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC).

[13]  Amine Dehbaoui,et al.  Electromagnetic Transient Faults Injection on a Hardware and a Software Implementations of AES , 2012, 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[14]  Amine Dehbaoui,et al.  Injection of transient faults using electromagnetic pulses -Practical results on a cryptographic system- , 2012, IACR Cryptol. ePrint Arch..