A Comparative Cost/Security Analysis of Fault Attack Countermeasures

  • Tal G. Malkin
  • François-Xavier Standaert
  • Moti Yung
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4236)

Abstract

Deliberate injection of faults into cryptographic devices is an effective cryptanalysis technique against symmetric and asymmetric encryption algorithms. To protect cryptographic implementations (e.g. of the recent AES which will be our running example) against these attacks, a number of innovative countermeasures have been proposed, usually based on the use of space and time redundancies (e.g. error detection/correction techniques, repeated computations). In this paper, we take the next natural step in engineering studies where alternative methods exist, namely, we take a comparative perspective. For this purpose, we use unified security and efficiency metrics to evaluate various recent protections against fault attacks. The comparative study reveals security weaknesses in some of the countermeasures (e.g. intentional malicious fault injection that are unrealistically modelled). The study also demonstrates that, if fair performance evaluations are performed, many countermeasures are not better than the naive solutions, namely duplication or repetition. We finally suggest certain design improvements for some countermeasures, and further discuss security/efficiency tradeoffs.

Keywords

Attacks and countermeasures in hardware and software 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Tal G. Malkin
    • 1
  • François-Xavier Standaert
    • 1
    • 2
  • Moti Yung
    • 1
  1. 1.Dept. of Computer ScienceColumbia University 
  2. 2.UCL Crypto GroupUniversité Catholique de Louvain 

Personalised recommendations