Fault Sensitivity Analysis

  • Yang Li
  • Kazuo Sakiyama
  • Shigeto Gomisawa
  • Toshinori Fukunaga
  • Junko Takahashi
  • Kazuo Ohta
Conference paper

DOI: 10.1007/978-3-642-15031-9_22

Part of the Lecture Notes in Computer Science book series (LNCS, volume 6225)
Cite this paper as:
Li Y., Sakiyama K., Gomisawa S., Fukunaga T., Takahashi J., Ohta K. (2010) Fault Sensitivity Analysis. In: Mangard S., Standaert FX. (eds) Cryptographic Hardware and Embedded Systems, CHES 2010. CHES 2010. Lecture Notes in Computer Science, vol 6225. Springer, Berlin, Heidelberg

Abstract

This paper proposes a new fault-based attack called the Fault Sensitivity Analysis (FSA) attack, which unlike most existing fault-based analyses including Differential Fault Analysis (DFA) does not use values of faulty ciphertexts. Fault sensitivity means the critical condition when a faulty output begins to exhibit some detectable characteristics, e.g., the clock frequency when fault operation begins to occur. We explain that the fault sensitivity exhibits sensitive-data dependency and can be used to retrieve the secret key. This paper presents two practical FSA attacks against two AES hardware implementations on SASEBO-R, PPRM1-AES and WDDL-AES. Different from previous work, we show that WDDL-AES is not perfectly secure against setup-time violation attacks.

We also discuss a masking technique as a potential countermeasure against the proposed fault-based attack.

Keywords

Side-channel attacks Fault Sensitivity Analysis AES WDDL 

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Yang Li
    • 1
  • Kazuo Sakiyama
    • 1
  • Shigeto Gomisawa
    • 1
  • Toshinori Fukunaga
    • 2
  • Junko Takahashi
    • 1
    • 2
  • Kazuo Ohta
    • 1
  1. 1.Department of InformaticsThe University of Electro-CommunicationsTokyoJapan
  2. 2.NTT Information Sharing Platform LaboratoriesNTT CorporationTokyoJapan

Personalised recommendations