Electromagnetic analysis, deciphering and reverse engineering of integrated circuits (E-MATA HARI)

Electromagnetic fault injections are produced on secured ICs aiming to break crypto codes. We describe in this paper the whole chain of optimization necessary to achieve this goal, namely 1/ physical optimization of near-field probe and setup, 2/ signal management in timing, shape, and localization to induce the fault while beating countermeasures and 3/ understanding of fault propagation in logic to eventually protect future ICs.

[1]  Amine Dehbaoui,et al.  Electromagnetic Transient Faults Injection on a Hardware and a Software Implementations of AES , 2012, 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[2]  Bruno Robisson,et al.  Electromagnetic Attacks on Ring Oscillator-Based True Random Number Generator , 2012 .

[3]  T.H. Hubing,et al.  The Electromagnetic Compatibility of Integrated Circuits—Past, Present, and Future , 2009, IEEE Transactions on Electromagnetic Compatibility.

[4]  Christophe Giraud,et al.  A Survey on Fault Attacks , 2004, CARDIS.

[5]  Laurent Chusseau,et al.  Near-Field Electromagnetic Characterization and Perturbation of Logic Circuits , 2008, IEEE Transactions on Instrumentation and Measurement.

[6]  P. Maurine,et al.  Magnetic microprobe design for EM fault attack , 2013, 2013 International Symposium on Electromagnetic Compatibility.

[7]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[8]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[9]  Sergei P. Skorobogatov Optically Enhanced Position-Locked Power Analysis , 2006, CHES.

[10]  Julien Bringer,et al.  Idea: Embedded Fault Injection Simulator on Smartcard , 2014, ESSoS.

[11]  Alexandre Boyer,et al.  On-Chip Noise Sensor for Integrated Circuit Susceptibility Investigations , 2012, IEEE Transactions on Instrumentation and Measurement.

[12]  Dakshi Agrawal,et al.  The EM Side-Channel(s) , 2002, CHES.

[13]  Jean-Max Dutertre,et al.  Efficiency of a glitch detector against electromagnetic fault injection , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[14]  A. Boyer,et al.  Evaluation of the near-field injection method at integrated circuit level , 2014, 2014 International Symposium on Electromagnetic Compatibility.

[15]  Laurent Chusseau,et al.  Near-field wire-based passive probe antenna for the selective detection of the longitudinal electric field at terahertz frequencies , 2009 .

[16]  Bruno Robisson,et al.  Local and Direct EM Injection of Power Into CMOS Integrated Circuits , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[17]  F. Caignet,et al.  A new method for measuring signal integrity in CMOS ICs , 2000 .