International Workshop on Cryptographic Hardware and Embedded Systems

CHES 2010: Cryptographic Hardware and Embedded Systems, CHES 2010 pp 158-172

Flash Memory ‘Bumping’ Attacks

  • Sergei Skorobogatov
Conference paper

DOI: 10.1007/978-3-642-15031-9_11

Volume 6225 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Skorobogatov S. (2010) Flash Memory ‘Bumping’ Attacks. In: Mangard S., Standaert FX. (eds) Cryptographic Hardware and Embedded Systems, CHES 2010. Lecture Notes in Computer Science, vol 6225. Springer, Berlin, Heidelberg

Abstract

This paper introduces a new class of optical fault injection attacks called bumping attacks. These attacks are aimed at data extraction from secure embedded memory, which usually stores critical parts of algorithms, sensitive data and cryptographic keys. As a security measure, read-back access to the memory is not implemented leaving only authentication and verification options for integrity check. Verification is usually performed on relatively large blocks of data, making brute force searching infeasible. This paper evaluates memory verification and AES authentication schemes used in secure microcontrollers and a highly secure FPGA. By attacking the security in three steps, the search space can be reduced from infeasible > 2^100 to affordable ≈ 2^15 guesses per block of data. This progress was achieved by finding a way to preset certain bits in the data path to a known state using optical bumping. Research into positioning and timing dependency showed that Flash memory bumping attacks are relatively easy to carry out.

Keywords

semi-invasive attacks, fault injection, optical probing

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Sergei Skorobogatov (1)
  1. Computer Laboratory, University of Cambridge, Cambridge, United Kingdom