Cryptography Reference
In-Depth Information
to inject faults, in a reliable and repeatable fashion, into the computation of the
target cryptographic primitive (implemented in either hardware or software). The first
factor has received a number of responses and every widely employed cryptographic
algorithm has a number of possible attack procedures based on appropriate fault
and error types [64-66, 69]. Sometimes however, such procedures are based on
very peculiar or well-targeted fault models and errors, which are either practically
infeasible or widely believed to be physically realizable with great difficulty. This
is especially true when the fault model mandates a radical change in the circuit
design, more than just an inducible misbehavior of the hardware which comes with
some unavoidable degree of randomness and imprecision, despite the accuracy of the
injection methodology. The second factor is more critical as it relies on the feasibility
of inducing an alteration in the working environment, which is determined by the
technological advances in the employed equipment. It is not easy at all to inject an
exploitable fault into a computing device with a sensible degree of reproducibility
and accuracy, regardless of the fact that the targeted device is a dedicated hardware
accelerator or a general purpose microprocessor executing a software routine.
It is possible to split the injection techniques into two categories, depending on the
cost of the required equipment. Among the most viable techniques, i.e. those whose
cost may be a casual but motivated attacker's budget, the most common ones rely on
tampering with one of the input lines of the computing device, either the clock signal
or the power supply line [12, 23, 24, 359, 369]. Among the techniques requiring
a significant budget to be practically carried out, the best documented one is the
induction of faults in a computing circuit through irradiation with a coherent light
beam (i.e., a laser) [377]. Since the most viable and applied techniques to inject faults
are those needing a low budget, we will propose, as a case study, the injection of faults
during the execution of a software primitive on a general-purpose microprocessor
operating under the a condition of power underfeeding. The effects of supply voltage
reductions on an hardware cryptographic accelerator are described in Sect. 17.3 .
16.2 Fault Injection Technologies
The techniques employed to alter the correct functioning of a computing device are
basically an in vitro reproduction of the causes of natural hazards. These causes are
selected from the whole range of working environment alterations, such as changes
in the power supply, irregularities in the generation of the clock for synchronous cir-
cuits, anomalous irradiation, electromagnetic disturbances or physical alteration of
the circuit due to nanoscale wear. Since the range of technological options to induce
these alterations is large and getting wider, in order to provide a clearer overview,
the description of the techniques will follow a classification, which divides them
according to the required budget. We will point out the degree of technical skill and
knowledge of the implementation required to employ the injection methods, and we
will characterize the model of the achievable faults with respect to their effective-
ness and temporal spatial accuracy. The combination of these criteria enables a chip
Search WWH ::




Custom Search