Low-cost design of stealthy hardware trojan for bit-level fault attacks on block ciphers



提出了一种基于分组密码比特翻转故障模型的低开销隐蔽硬件木马设计方案。首先基于代数故障分析方法, 搜索深轮次、低数据复杂度的分组密码比特翻转故障模型; 然后设计硬件木马载荷逻辑通过翻转比特实现故障注入, 并设计温度监测激活逻辑秘密实现故障注入触发; 最后再次利用代数故障分析方法来恢复分组密码加密密钥。针对DES分组密码在SASEBO-GII开发板上的FPGA实现, 开展了硬件木马实验, 结果表明: 木马开销低, 载荷逻辑只需翻转DES加密中间轮的单个比特, 仅增加了0.75%的额外触发器开销; 木马隐蔽性好, DES加密期间只需激活1次, 激活可通过一个售价仅为5美金的吹风机来实现。

This is a preview of subscription content, access via your institution.


  1. 1

    Courtois N T, Ware D, Jackson K. Fault algebraic attacks on inner rounds of DES. In: Proceedings of eSmart European Smart Card Security Conference, Sophia Antipolis, 2010. 22–24

    Google Scholar 

  2. 2

    Bhunia S, Hsiao M, Banga M, et al. Hardware trojan attacks: threat analysis and countermeasures. Proc IEEE, 2014, 102: 1229–1247

    Article  Google Scholar 

  3. 3

    Zhang F, Zhao X J, Guo S Z, et al. Improved algebraic fault analysis: a case study on piccolo and applications to other lightweight block ciphers. In: Constructive Side-Channel Analysis and Secure Design. Berlin: Springer, 2013. 62–79

    Google Scholar 

  4. 4

    Xilinx. Virtex-5 FPGA system monitor. UG192. Version 1.6, 2008

  5. 5

    Katashita T, Satoh A, Sugawara T, et al. Development of side-channel attack standard evaluation environment. In: Proceedings of IEEE European Conference on Circuit Theory and Design, Antalya, 2009. 403–408

    Google Scholar 

Download references


This work was supported in part by National Basic Research Program of China (973 Program) (Grant No. 2013CB338004), National Natural Science Foundation of China (Grant Nos. 61173191, 61272491, 61309021, 61472357, 61571063), Zhejiang University Fundamental Research Funds for the Central Universities (Grant No. 2015QNA5005), and Science and Technology on Communication Security Laboratory (Grant No. 9140C110602150C11053).

Author information



Corresponding author

Correspondence to Wei He.

Additional information

The authors declare that they have no conflict of interest.

Electronic supplementary material

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Zhang, F., Zhao, X., He, W. et al. Low-cost design of stealthy hardware trojan for bit-level fault attacks on block ciphers. Sci. China Inf. Sci. 60, 048102 (2017). https://doi.org/10.1007/s11432-016-0233-0

Download citation


  • 分组密码
  • 硬件木马
  • 代数故障分析
  • 比特故障模型
  • 硬件安全
  • 数据加密算法