Cryptography Reference
In-Depth Information
Table 16.2
Summary of low-cost fault injection techniques: all methods require only basic or
moderate technical skills
Technique
HTA
a
KPIA
b
Accuracy [space]
Accuracy [time]
Permanent modifications
Underfeeding
High
None
No
No
No
Voltage spikes
Low
Moderate
No
No
Partial
Clock glitches
Low
High
No
Yes
Yes
Heat
Low
None
Possibly
Partial
Yes
EM pulses
Low
Moderate
Possibly
No
No
Light irradiation
Low
Low
Yes
Yes
No
a
Hindered by technological advances
b
KPIA: requires knowledge of physical implementation
aspects
be disturbed (e.g., the board on which the chip under attack was mounted) were
properly shielded by aluminum plates connected to a common ground. The spark
generator can be triggered by a circuit, related to the clock signal of the device
under attack, in order to achieve moderate timing accuracy for the fault injection.
The only technological limitation of this technique is represented by the chips that
employ grounded metal packaging (usually for heat sinking purposes), which act as
an EM shield. The decapsulation of the chip is mandatory to successfully lead the
attack, and this adds a step that requires uncommon technical skill. Nonetheless, the
decapsulation procedure may be performed with low-cost equipment (nitric acid and
common glassware from a chemistry lab), without noticeably raising the cost of the
attack.
Assuming the attacker is able to successfully decapsulate a chip, it is possible to
perform fault injection attacks by illuminating the die with a high energy light source
such as an UV lamp or a camera flash. The strong irradiation on the silicon surface can
cause the erasure of EEPROM and Flash memory cells, where constants important
for an algorithm's execution are kept. Depending on the duration of the irradiation
process, the authors of [361] report a progressive blanking of all the memory cells,
together with the resetting of the internal protection fuses of the microprocessor
targeted during the attack. Schmidt et al. [361] provide a survey of the speeds at
which the memories of different types of microprocessors get erased, and conclude
that it is possible also to selectively wipe out only a part of the stored data by exposing
only a part of the die to UV irradiation. The employed workbench to blank part of
the microprocessor memory cells is very simple and involves only a UV lamp, which
is shone on the exposed silicon die of the microprocessor from very close. In order
to shield the parts of the circuit that do not need to be exposed, it is possible to cover
them with UV-resistant, dye which can be bought in hardware stores. This technique
is limited by the possible placing of the memory cells on layers buried under the
top one on a multi-layer chip. Since the manufacturing process of a multi-layer die
needs to have a flat surface before the next layer is etched, the memory cells laid on
bottom layers are covered with metal tiles, which act as a shield from irradiation.
Table
16.2
provides a summary of the fault injection techniques that rely on a
low budget, making a comparison among them. From this summary it emerges that
