Exploiting Ineffective Fault Inductions on Symmetric Cryptography

Since the seminal work of Boneh et al., the threat of fault attacks has been widely known, and new fault-attack techniques and countermeasures have been studied extensively. The vast majority of the literature on fault attacks focuses on the ability of a fault to change an intermediate value to a faulty one; examples are differential fault analysis (DFA), collision fault analysis, statistical fault attacks (SFA), fault sensitivity analysis, and differential fault intensity analysis. The other aspect of faults, namely that a fault can be induced and yet not change a value, has been far less researched. In the case of symmetric ciphers, this area is covered by ineffective fault attacks (IFA). However, IFA relies on the ability of an attacker to induce reproducible, deterministic faults, such as stuck-at faults, in a small intermediate structure (e.g., one bit or byte), which is often considered impracticable. As a consequence, most countermeasures against fault attacks focus on the ability of faults to change intermediate values and usually try either to detect such a change (detection-based countermeasures) or to destroy the exploitable information if a fault happens (infective countermeasures). Such countermeasures implicitly assume that releasing “fault-free” ciphertexts in the presence of a fault-inducing attacker does not reveal any exploitable information. In this work, we challenge this assumption and show attacks that exploit the fact that the intermediate values leading to such “fault-free” ciphertexts follow a non-uniform distribution, although they should be uniformly distributed. The presented attacks are entirely practical and are demonstrated to work for software implementations of AES and for a hardware co-processor. These practical attacks rely on faults induced by means of clock glitches and are hence achieved with only low-cost equipment. We target two countermeasures as examples: simple time redundancy with comparison, and an infective countermeasure presented at CHES 2014. However, our attacks can be applied to a wider range of countermeasures and are not restricted to these two.
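As an added example that is not part of the paper, the Python script below simulates the attack idea on one column of AES-128. A stuck-at-0 fault is assumed (the glitch clears bit 0 of one state byte before the round-9 MixColumns on every induction) and applied to a time-redundant implementation that, on a mismatch between its two runs, either withholds the output (detection) or returns random bytes (a stand-in for an infective response, not a model of the CHES 2014 scheme itself). The attacker keeps only ciphertexts that equal the fault-free encryption of the same input, partially decrypts them under a guess of four bytes of the last round key, and ranks guesses by the Squared Euclidean Imbalance (SEI) of the recovered intermediate byte, which is close to uniform for wrong guesses and biased for the right one. Only the last one and a half rounds of one column are modelled, since the column before the round-9 MixColumns is uniform for random plaintexts; the round keys are random values drawn inside the script. To keep the search at 256 candidates instead of the 2^32 of the full column attack, the demo fixes three of the four guessed bytes to their true values; the ranking function itself takes the complete four-byte guess.

```python
# Added example (not the paper's code): SIFA on one AES-128 column; fault model and keys are assumptions.
import random

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf_inv(x):
    """x^254 = x^-1 in GF(2^8); 0 maps to 0 as the AES S-box requires."""
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, x)
        x, e = gf_mul(x, x), e >> 1
    return r

def build_sbox():
    """AES S-box: inversion, then the affine map y ^ rotl(y, 1..4) ^ 0x63."""
    sbox = []
    for x in range(256):
        y = s = gf_inv(x)
        for i in range(1, 5):
            s ^= ((y << i) | (y >> (8 - i))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = build_sbox()
INV_SBOX = [SBOX.index(v) for v in range(256)]
MUL = {c: [gf_mul(c, x) for x in range(256)] for c in (2, 3, 9, 11, 13, 14)}

def mix_column(t):
    """AES MixColumns on one 4-byte column."""
    return [MUL[2][t[0]] ^ MUL[3][t[1]] ^ t[2] ^ t[3],
            t[0] ^ MUL[2][t[1]] ^ MUL[3][t[2]] ^ t[3],
            t[0] ^ t[1] ^ MUL[2][t[2]] ^ MUL[3][t[3]],
            MUL[3][t[0]] ^ t[1] ^ t[2] ^ MUL[2][t[3]]]

def inv_mix_column_byte0(x):
    """First byte of InvMixColumns: 0E*x0 ^ 0B*x1 ^ 0D*x2 ^ 09*x3."""
    return MUL[14][x[0]] ^ MUL[11][x[1]] ^ MUL[13][x[2]] ^ MUL[9][x[3]]

def last_rounds(t, k9, k10):
    """Round-9 MixColumns/AddRoundKey and round-10 SubBytes/AddRoundKey for one
    column; ShiftRows only relocates bytes and is left out."""
    y = mix_column(t)
    return [SBOX[y[i] ^ k9[i]] ^ k10[i] for i in range(4)]

def protected_device(t, k9, k10, fault, mode, rng):
    """Time redundancy with comparison: run 1 is hit by `fault` on t[0], run 2 is clean.
    On mismatch, 'detect' withholds the output; 'infect' returns random bytes."""
    faulted = last_rounds([fault(t[0])] + t[1:], k9, k10)
    clean = last_rounds(t, k9, k10)
    if faulted == clean:
        return clean
    return None if mode == "detect" else [rng.randrange(256) for _ in range(4)]

def collect_ineffective(k9, k10, n, fault, mode, rng):
    """Attacker: glitch n encryptions of random inputs and keep the outputs that
    equal a separate fault-free encryption of the same input."""
    kept = []
    for _ in range(n):
        t = [rng.randrange(256) for _ in range(4)]  # uniform for random inputs
        c = protected_device(t, k9, k10, fault, mode, rng)
        if c is not None and c == last_rounds(t, k9, k10):
            kept.append(c)
    return kept

def sei(cts, guess):
    """Squared Euclidean Imbalance of the recovered byte t[0] (up to a constant
    from K9) under a 4-byte guess of the K10 column; 0 means uniform."""
    counts = [0] * 256
    for c in cts:
        counts[inv_mix_column_byte0([INV_SBOX[c[i] ^ guess[i]] for i in range(4)])] += 1
    return sum((cnt / len(cts) - 1 / 256) ** 2 for cnt in counts)

def rank_byte(cts, known, pos=0):
    """Rank the 256 candidates for byte `pos` of the K10 column, the other three
    fixed to `known`; the full attack ranks all 2^32 combinations instead."""
    guesses = [known[:pos] + [k] + known[pos + 1:] for k in range(256)]
    return sorted(((sei(cts, g), g[pos]) for g in guesses), reverse=True)

def demo(mode="detect", seed=7, n=4000):
    rng = random.Random(seed)
    k9, k10 = [[rng.randrange(256) for _ in range(4)] for _ in range(2)]
    fault = lambda b: b & 0xFE  # assumed fault model: the glitch clears bit 0
    cts = collect_ineffective(k9, k10, n, fault, mode, rng)
    ranked = rank_byte(cts, k10)
    return {"mode": mode, "kept": len(cts), "true": k10[0], "best": ranked[0][1],
            "sei_best": ranked[0][0], "sei_second": ranked[1][0]}

if __name__ == "__main__":
    print(demo("detect"))
    print(demo("infect"))
```

Running the script prints, for each countermeasure mode, the number of ciphertexts kept, the true and the top-ranked key byte, and the SEI of the two best guesses; with 4000 inductions roughly half the outputs survive the comparison and the correct byte scores several times higher than any wrong one. Note why the partial decryption has to pass through InvMixColumns: inverting a single S-box alone would not do, because a wrong key byte then merely permutes the recovered values, and any permutation-invariant statistic such as SEI scores all 256 guesses identically. The InvMixColumns step mixes three other, uniform bytes into the result under a wrong guess and flattens the distribution, while the right guess exposes the biased byte.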

[1] E. S. Pearson, et al. On the Problem of the Most Efficient Tests of Statistical Hypotheses, 1933.

[2] Debdeep Mukhopadhyay, et al. Fault Tolerant Infective Countermeasure for AES, 2015, IACR Cryptol. ePrint Arch.

[3] Nahid Farhady Ghalaty, et al. Differential Fault Intensity Analysis, 2014, Workshop on Fault Diagnosis and Tolerance in Cryptography.

[4] Wilbert C. M. Kallenberg, et al. Power Approximations to Multinomial Tests of Fit, 1989.

[5] Debdeep Mukhopadhyay, et al. Differential fault analysis of AES: towards reaching its limits, 2013, Journal of Cryptographic Engineering.

[6] Adrian Thillard, et al. Fault Attacks on AES with Faulty Ciphertexts Only, 2013, Workshop on Fault Diagnosis and Tolerance in Cryptography.

[7] Richard J. Lipton, et al. On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract), 1997, EUROCRYPT.

[8] Serge Vaudenay, et al. How Far Can We Go Beyond Linear Cryptanalysis?, 2004, ASIACRYPT.

[9] Marc Joye, et al. Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis, 2000, IEEE Trans. Computers.

[10] Yang Li, et al. Fault Sensitivity Analysis, 2010, CHES.

[11] Florian Mendel, et al. Statistical Fault Attacks on Nonce-Based Authenticated Encryption Schemes, 2016, ASIACRYPT.

[12] Kaisa Nyberg, et al. Multiple Differential Cryptanalysis Using LLR and χ² Statistics, 2012, SCN.

[13] Christophe Giraud, et al. A Note on the Security of CHES 2014 Symmetric Infective Countermeasure, 2016, COSADE.

[14] Christophe Clavier, et al. Reverse Engineering of a Secret AES-like Cipher by Ineffective Fault Analysis, 2013, Workshop on Fault Diagnosis and Tolerance in Cryptography.

[15] Debdeep Mukhopadhyay, et al. Destroying Fault Invariant with Randomization - A Countermeasure for AES Against Differential Fault Attacks, 2014, CHES.

[16] David Naccache, et al. The Sorcerer's Apprentice Guide to Fault Attacks, 2006, Proceedings of the IEEE.

[17] Eli Biham, et al. Differential Fault Analysis of Secret Key Cryptosystems, 1997, CRYPTO.

[18] Michael Tunstall, et al. Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output, 2012, LATINCRYPT.

[19] Thomas M. Cover, et al. Elements of Information Theory, 2006.

[20] Kaisa Nyberg, et al. Multidimensional Extension of Matsui's Algorithm 2, 2009, FSE.

[21] Ali Aydin Selçuk, et al. On Probability of Success in Linear and Differential Cryptanalysis, 2008, Journal of Cryptology.

[22] Alex Biryukov, et al. On Multiple Linear Approximations, 2004, IACR Cryptol. ePrint Arch.

[23] Michael Hutter, et al. The Temperature Side Channel and Heating Fault Attacks, 2013, CARDIS.

[24] Georg Sigl, et al. Precise Laser Fault Injections into 90 nm and 45 nm SRAM-cells, 2015, CARDIS.

[25] Debdeep Mukhopadhyay, et al. A Biased Fault Attack on the Time Redundancy Countermeasure for AES, 2015, COSADE.

[26] Peter Schwabe, et al. All the AES You Need on Cortex-M3 and M4, 2016, SAC.

[27] Christophe Clavier, et al. Secret External Encodings Do Not Prevent Transient Fault Analysis, 2007, CHES.