Abstract
We propose an end-to-end approach to evaluate the robustness of smartcard embedded applications against perturbation attacks. Key to this approach is the fault model inference phase, a method to determine a precise fault model according to the attacked hardware and to the attacker’s equipment, taking into account the probability of occurrence of the faults. Together with a fault injection simulator, it makes it possible to compute a predictive metric, the vulnerability rate, which gives a first estimate of the robustness of the application. Our approach is backed up by experiments and tools that validate its potential for prediction.
L. Dureuil—This work has been partially supported by the project SERTIF (ANR-14-ASTR-0003-01).
M.-L. Potet—This work has been partially supported by the LabEx PERSYVAL-Lab (ANR-11-LABX-0025).
Notes
1. We target here the AVA class, dedicated to vulnerability assessment.
2. Sometimes referred to as “EM probes”.
3. “The statement that surrounds the cryptographic implementations”.
4. Our EM injector is made of small copper wire loops (100 \(\mu\)m), driven by a 500 A current during 10 ns.
5. The Hamming distance was considered, but gave seemingly less relevant results, with only 16 possible values.
6. CEsti-LeTi Integrated Circuit.
7. For instance, in a PIN verification one can check that the authentication token is even though the provided PIN is wrong.
8. Each experiment lasted for no more than 3 days.
© 2016 Springer International Publishing Switzerland
Cite this paper
Dureuil, L., Potet, ML., de Choudens, P., Dumas, C., Clédière, J. (2016). From Code Review to Fault Injection Attacks: Filling the Gap Using Fault Model Inference. In: Homma, N., Medwed, M. (eds) Smart Card Research and Advanced Applications. CARDIS 2015. Lecture Notes in Computer Science(), vol 9514. Springer, Cham. https://doi.org/10.1007/978-3-319-31271-2_7
DOI: https://doi.org/10.1007/978-3-319-31271-2_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-31270-5
Online ISBN: 978-3-319-31271-2
eBook Packages: Computer Science (R0)