Optimizing Electromagnetic Fault Injection with Genetic Algorithms

Automated Methods in Cryptographic Fault Analysis

Abstract

Fault injection is a serious threat to implementations of cryptography, especially on small embedded devices. In particular, electromagnetic fault injection (EMFI) is a powerful active attack, requiring minimal modifications to the device under attack while having excellent penetration capabilities. The challenge is in finding the right combination of the attack parameters and their values. Namely, the number of possible combinations (for all the values of relevant parameters) is typically huge, rendering exhaustive search impossible.

In this chapter, we introduce this problem and survey some previous attempts at solving it. We also present a novel evolutionary algorithm for optimizing the parameter search for EM fault injection that outperforms all known search methods for EMFI. The results are widely applicable, as the cryptographic device under attack is considered a black box, with only a few very general assumptions on its inner workings.

We test our novel evolutionary algorithm by attacking the SHA-3 algorithm. Our results leverage 40 times more faulty measurements and 20 times more distinct fault measurements than one could obtain with a random search. When this methodology is coupled with the algebraic fault attack, we get 25% more exploitable faults per individual measurement.

Notes

  1. Github: https://github.com/geneticemfaults/geneticemfaults.

  2. WolfSSL, an embedded SSL/TLS library. Available at: https://www.wolfssl.com/.

  3. The parent points define an axis-aligned parallelepiped in parameter-space; the parents are placed on the diagonally opposite vertices. In a Hamming cube, these would be the all-zeros and all-ones vertices. The first crossover variant corresponds to picking one of its vertices, whereas the second crossover variant corresponds to picking a point within it.

Acknowledgements

This work has been supported in part by Croatian Science Foundation under the project IP-2014-09-4882 and by the Technology Foundation TTW (Project 13499 TYPHOON), from the Dutch government.

© 2019 Springer Nature Switzerland AG

Cite this chapter

Maldini, A., Samwel, N., Picek, S., Batina, L. (2019). Optimizing Electromagnetic Fault Injection with Genetic Algorithms. In: Breier, J., Hou, X., Bhasin, S. (eds) Automated Methods in Cryptographic Fault Analysis. Springer, Cham. https://doi.org/10.1007/978-3-030-11333-9_13

  • DOI: https://doi.org/10.1007/978-3-030-11333-9_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-11332-2

  • Online ISBN: 978-3-030-11333-9

  • eBook Packages: Engineering, Engineering (R0)
