RTL modeling of laser attacks for early evaluation of secure ICs and countermeasure design

Many aspects of our current life rely on the exchange of data through electronic media. Powerful encryption algorithms guarantee the security, privacy and authentication of these exchanges. Nevertheless, those algorithms are implemented in electronic devices that may be the target of attacks despite their proven robustness. Several means of attacking integrated circuits are reported in the literature (for instance analysis of the correlation between the processed data and power consumption). Among them, laser illumination of the device has been reported to be one important and effective mean to perform attacks. The principle is to illuminate the circuit by mean of a laser and then to induce an erroneous behavior.For instance, in so-called Differential Fault Analysis (DFA), an attacker can deduce the secret key used in the crypto-algorithms by comparing the faulty result and the correct one. Other types of attacks exist, also based on fault injection but not requiring a differential analysis; the safe error attacks or clocks attacks are such examples.The main goal of the PhD thesis was to provide efficient CAD tools to secure circuit designers in order to evaluate counter-measures against such laser attacks early in the design process. This thesis has been driven by two Grenoble INP laboratories: LCIS and TIMA. The work has been carried out in the frame of the collaborative ANR project LIESSE involving several other partners, including STMicroelectronics.A RT level model of laser effects has been developed, capable of emulating laser attacks. The fault model was used in order to evaluate several different secure cryptographic implementations through FPGA emulated fault injection campaigns. The injection campaigns were performed in collaboration with TIMA laboratory and they allowed to compare the results with other state of the art fault models. Furthermore, the approach was validated versus the layout of several circuits. The layout based validation allowed to quantify the effectiveness of the fault model to predict localized faults. Additionally, in collaboration with CMP (Centre Microelectronique de Provence) experimental laser fault injections has been performed on a state of the art STMicroelectronics IC and the results have been used for further validation of the fault model. Finally the validated fault model led to the development of an RTL (Register Transfer Level) countermeasure against laser attacks. The countermeasure was implemented and evaluated by fault injection campaigns according to the developed fault model, other state of the art fault models and versus layout information.

[1]  Srikanth Venkataraman,et al.  Poirot: Applications of a Logic Fault Diagnosis Tool , 2001, IEEE Des. Test Comput..

[2]  Xiaoqing Wen,et al.  VLSI Test Principles and Architectures: Design for Testability (Systems on Silicon) , 2006 .

[3]  Robert C. Aitken,et al.  Biased voting: A method for simulating CMOS bridging faults in the presence of variable gate logic thresholds , 1993, Proceedings of IEEE International Test Conference - (ITC).

[4]  Diana Marculescu,et al.  Multiple Transient Faults in Combinational and Sequential Circuits: A Systematic Approach , 2010, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[5]  Shimon Even,et al.  Graph Algorithms , 1979 .

[6]  Régis Leveugle Fault injection in VHDL descriptions and emulation , 2000, Proceedings IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems.

[7]  L. Artola,et al.  Single-Event Latchup Modeling Based on Coupled Physical and Electrical Transient Simulations in CMOS Technology , 2014, IEEE Transactions on Nuclear Science.

[8]  Mark G. Karpovsky,et al.  Robust protection against fault-injection attacks on smart cards implementing the advanced encryption standard , 2004, International Conference on Dependable Systems and Networks, 2004.

[9]  Peter Rössler,et al.  A netlist-level fault-injection tool for FPGAs , 2015, Elektrotech. Informationstechnik.

[10]  Pedro J. Gil,et al.  Improvement of fault injection techniques based on VHDL code modification , 2005, Tenth IEEE International High-Level Design Validation and Test Workshop, 2005..

[11]  R. Leveugle Early Analysis of Fault-based Attack Effects in Secure Circuits , 2007, IEEE Transactions on Computers.

[12]  Christophe Giraud,et al.  A Survey on Fault Attacks , 2004, CARDIS.

[13]  M. Baze,et al.  Comparison of error rates in combinational and sequential logic , 1997 .

[14]  Pedro J. Gil,et al.  Comparison and application of different VHDL-based fault injection techniques , 2001, Proceedings 2001 IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems.

[15]  Giorgio Di Natale,et al.  A Reliable Architecture for Parallel Implementations of the Advanced Encryption Standard , 2009, J. Electron. Test..

[16]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[17]  Christian Steger,et al.  Automatic saboteur placement for emulation-based multi-bit fault injection , 2011, 6th International Workshop on Reconfigurable Communication-Centric Systems-on-Chip (ReCoSoC).

[18]  D. Habing The Use of Lasers to Simulate Radiation-Induced Transients in Semiconductor Devices and Circuits , 1965 .

[19]  Georg Sigl,et al.  A Cost-Effective FPGA-based Fault Simulation Environment , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[20]  Fabio Somenzi,et al.  Logic synthesis and verification algorithms , 1996 .

[21]  Dhiraj K. Pradhan,et al.  A placement strategy for reducing the effects of multiple faults in digital circuits , 2014, 2014 IEEE 20th International On-Line Testing Symposium (IOLTS).

[22]  Michael Hutter,et al.  Optical and EM Fault-Attacks on CRT-based RSA : Concrete Results , 2007 .

[23]  M. Karpovsky,et al.  ROBUST ERROR DETECTION IN COMMUNICATION AND COMPUTATIONAL CHANNELS , 2007 .

[24]  Mehdi Baradaran Tahoori,et al.  A layout-based approach for Multiple Event Transient analysis , 2013, 2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC).

[25]  Giovanni Squillero,et al.  New techniques for speeding-up fault-injection campaigns , 2002, Proceedings 2002 Design, Automation and Test in Europe Conference and Exhibition.

[26]  Israel Koren,et al.  Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard , 2003, IEEE Trans. Computers.

[27]  Jean-Max Dutertre,et al.  Fault Model Analysis of Laser-Induced Faults in SRAM Memory Cells , 2013, 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[28]  Régis Leveugle,et al.  A Flexible SoPC-based Fault Injection Environment , 2006, 2006 IEEE Design and Diagnostics of Electronic Circuits and systems.

[29]  Israel Koren,et al.  On the propagation of faults and their detection in a hardware implementation of the Advanced Encryption Standard , 2002, Proceedings IEEE International Conference on Application- Specific Systems, Architectures, and Processors.

[30]  B. L. Bhuva,et al.  Comparison of Combinational and Sequential Error Rates for a Deep Submicron Process , 2011, IEEE Transactions on Nuclear Science.

[31]  Jeyavijayan Rajendran,et al.  SLICED: Slide-based concurrent error detection technique for symmetric block ciphers , 2010, 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[32]  Alessandro Barenghi,et al.  Fault Injection Attacks on Cryptographic Devices: Theory, Practice, and Countermeasures , 2012, Proceedings of the IEEE.

[33]  Nur A. Touba,et al.  Logic synthesis of multilevel circuits with concurrent error detection , 1997, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..

[34]  Johan Karlsson,et al.  Fault injection into VHDL models: the MEFISTO tool , 1994 .

[35]  M. Favalli Annotated bit flip fault model , 2004 .

[36]  Bing-Fei Wu,et al.  Simple error detection methods for hardware implementation of Advanced Encryption Standard , 2006, IEEE Transactions on Computers.

[37]  Israel Koren,et al.  Countermeasures against EM analysis for a secured FPGA-based AES implementation , 2013, 2013 International Conference on Reconfigurable Computing and FPGAs (ReConFig).

[38]  Giorgio Di Natale,et al.  Laser-Induced Fault Simulation , 2013, 2013 Euromicro Conference on Digital System Design.

[39]  Javier Uceda,et al.  A fault model for VHDL descriptions at the register transfer level , 1996, Proceedings EURO-DAC '96. European Design Automation Conference with EURO-VHDL '96 and Exhibition.

[40]  Giorgio Di Natale,et al.  LIFTING: A Flexible Open-Source Fault Simulator , 2008, 2008 17th Asian Test Symposium.

[41]  Lloyd W. Massengill,et al.  Basic mechanisms and modeling of single-event upset in digital microelectronics , 2003 .

[42]  R. Leveugle,et al.  Using run-time reconfiguration for fault injection applications , 2001, IMTC 2001. Proceedings of the 18th IEEE Instrumentation and Measurement Technology Conference. Rediscovering Measurement in the Age of Informatics (Cat. No.01CH 37188).

[43]  Jean-Max Dutertre,et al.  Frontside laser fault injection on cryptosystems - Application to the AES' last round - , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[44]  Régis Leveugle,et al.  Statistical fault injection: Quantified error and confidence , 2009, 2009 Design, Automation & Test in Europe Conference & Exhibition.

[45]  Jasper G. J. van Woudenberg,et al.  Practical Optical Fault Injection on Secure Microcontrollers , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[46]  Ilia Polian,et al.  Cross-level protection of circuits against faults and malicious attacks , 2012, 2012 IEEE 18th International On-Line Testing Symposium (IOLTS).

[47]  Richard J. Lipton,et al.  On the Importance of Eliminating Errors in Cryptographic Computations , 2015, Journal of Cryptology.

[48]  Giorgio Di Natale,et al.  Layout-aware laser fault injection simulation and modeling: From physical level to gate level , 2014, 2014 9th IEEE International Conference on Design & Technology of Integrated Systems in Nanoscale Era (DTIS).

[49]  E. S. Sogomonyan,et al.  Design of self-testing and on-line fault detection combinational circuits with weakly independent outputs , 1993, J. Electron. Test..

[50]  Martin Otto,et al.  Fault attacks and countermeasures , 2005 .