Harnessing Biased Faults in Attacks on ECC-Based Signature Schemes

This paper presents an extension of the byte-fault attack on signature schemes presented by Giraud et al. Our work extends their attack in a number of ways, but the main focus is an alternative fault model motivated by existing fault injection results. Instead of assuming faults are uniformly distributed (i.e., a given bit is flipped with probability 1/2), we consider the case where faults are biased (i.e., the probability differs from 1/2). Our results show that injecting biased faults allows an attacker to reveal security-critical data with significantly fewer faults and/or a significantly faster search through the remaining candidates.

[1] Frederik Vercauteren, et al. To Infinity and Beyond: Combined Attack on ECC Using Points of Low Order, 2011, CHES.

[2] Christophe Clavier, et al. Fault Analysis of DPA-Resistant Algorithms, 2006, FDTC.

[3] Alessandro Barenghi, et al. Low Voltage Fault Attacks to AES and RSA on General Purpose Processors, 2010, IACR Cryptol. ePrint Arch.

[4] Michael Tunstall, et al. Secure Cryptographic Algorithm Implementation on Embedded Platforms, 2007.

[5] Ingrid Verbauwhede, et al. An In-depth and Black-box Characterization of the Effects of Clock Glitches on 8-bit MCUs, 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[6] Bernd Meyer, et al. Differential Fault Attacks on Elliptic Curve Cryptosystems, 2000, CRYPTO.

[7] Christophe Giraud, et al. Fault Attacks on Signature Schemes, 2004, ACISP.

[8] Ingrid Biehl, et al. Differential Fault Attacks on Elliptic Curve Cryptosystems (Extended Abstract), 2000.

[9] Marc Joye, et al. Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults, 2005, Des. Codes Cryptogr.

[10] David Naccache, et al. The Sorcerer's Apprentice Guide to Fault Attacks, 2006, Proceedings of the IEEE.

[11] Christophe Giraud, et al. Improved Fault Analysis of Signature Schemes, 2010, CARDIS.

[12] Jean-Pierre Seifert, et al. Sign Change Fault Attacks on Elliptic Curve Cryptosystems, 2006, FDTC.

[13] Martin Otto, et al. Fault attacks and countermeasures, 2005.

[14] Frédéric Valette, et al. Characterization of Effective Laser Spots during Attacks in the Configuration of a Virtex-II FPGA, 2009, 2009 27th IEEE VLSI Test Symposium.

[15] Robert H. Deng, et al. Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults, 1997, Security Protocols Workshop.

[16] Alfred Menezes, et al. The Elliptic Curve Digital Signature Algorithm (ECDSA), 2001, International Journal of Information Security.