COSADE 2017: Constructive Side-Channel Analysis and Secure Design, pp 207-222
Low-Cost Setup for Localized Semi-invasive Optical Fault Injection Attacks
Abstract
Localized semi-invasive optical fault attacks are nowadays considered to be out of reach for attackers with a limited budget. For this reason, they typically receive lower attention and priority during the security analysis of low-cost devices. Indeed, an optical fault injection setup typically requires expensive equipment which includes at least a laser station, a microscope, and a programmable X-Y table, all of which can quickly add up to several thousand euros. Additionally, careful handling of toxic chemicals in a protected environment is required to decapsulate the chips under test and gain direct access to the die surface. In this work, we present a low-cost fault injection setup which is capable of producing localized faults in modern 8-bit and 32-bit microcontrollers, does not require handling hazardous substances or wearing protective eyewear, and would set back an attacker only a couple hundred euros. Finally, we show that the type of faults which are obtained from such a low-cost setup can be exploited to successfully attack real-world cryptographic implementations, such as that of the NSA’s Speck lightweight block cipher.
Keywords
Fault injection, Semi-invasive, Optical fault attacks, Backside, Microcontrollers, Embedded devices, Speck
Acknowledgements
We thank the anonymous reviewers for their valuable comments and suggestions. This work was performed while Oscar M. Guillen was a research assistant at the Chair of Security in Information Technology of the Technische Universität München.