Cryptography Reference
In-Depth Information
Fig. 16.6 Excerpt from the ARM ISA description [17] depicting branch and data processing instructions. Grayed areas point out the interesting fields during fault injection
Since the AND and the XOR instructions have radically different behavior, it is
possible to alter the inner working of the algorithm by exchanging them, thus leading
to the possible computation of a weaker version.
Given that the ARM architecture allows the conditional execution of all the
arithmetic-logical instructions, and stores the kind of condition in a suffix of the
opcode, as Fig. 16.6 depicts, it is possible for the error to actually invert the
condition of the predicated instruction.
For instance, in the following code sample, the two instructions share the same
opcode except for the zero-condition bit setting:
ADDNE R1,R1,#0x42 @ Fault Free
ADDEQ R1,R1,#0x42 @ Faulty
This behavior could lead to mis-executions of the algorithm leaking significant
content, especially if the conditional instructions are directly related to the key value (e.g.
in the common square-and-multiply algorithm used to perform fast exponentiation).
Moreover, since the branch instructions also rely on the same condition bits,
the control flow of the program may be equally altered if the
condition bit of a branch is flipped, as in the following sample:
BNE LOOP @ Fault Free
BEQ LOOP @ Faulty
This kind of alteration may substantially change the control flow, lowering the
number of times a loop is executed or skipping it altogether,
and thus substantially reducing the complexity of a cryptographic primitive
computed on the device.
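The single-bit relationships described above for conditional data processing instructions and for branches can be checked directly against the 32-bit ARM encoding. The following Python sketch is an added example, not code from the book: the instruction words, register choices and branch offset are constructed samples, and the decoder is an assumption-level simplification that reads only the condition field (bits 31-28), the data-processing operation field (bits 24-21) and the branch class.

```python
# Field tables for the 32-bit ARM encoding (condition in bits 31-28,
# data-processing operation in bits 24-21).
COND = ["EQ", "NE", "CS", "CC", "MI", "PL", "VS", "VC",
        "HI", "LS", "GE", "LT", "GT", "LE", "AL", "NV"]
DP_OP = ["AND", "EOR", "SUB", "RSB", "ADD", "ADC", "SBC", "RSC",
         "TST", "TEQ", "CMP", "CMN", "ORR", "MOV", "BIC", "MVN"]


def mnemonic(word):
    """Decode only the operation and condition of a 32-bit instruction word.

    Simplified: multiplies and other encodings that share bits 27-26 == 00
    with the data-processing class are not told apart.
    """
    cond = COND[(word >> 28) & 0xF]
    if (word >> 25) & 0b111 == 0b101:        # branch: cond 101 L offset24
        return ("BL" if (word >> 24) & 1 else "B") + cond
    if (word >> 26) & 0b11 == 0b00:          # data processing: cond 00 I op S ...
        return DP_OP[(word >> 21) & 0xF] + cond
    return "?" + cond                        # class not modelled here


def one_bit_neighbours(word):
    """Map bit position -> mnemonic for every single-bit change of `word`
    that alters the decoded operation or condition."""
    base = mnemonic(word)
    changed = {}
    for bit in range(32):
        m = mnemonic(word ^ (1 << bit))
        if m != base:
            changed[bit] = m
    return changed


# Constructed sample words (not taken from the book).
ADDNE = 0x12811042   # ADDNE R1,R1,#0x42
AND_AL = 0xE20000FF  # AND   R0,R0,#0xFF (always executed)
BNE = 0x1AFFFFFE     # BNE to its own address

if __name__ == "__main__":
    for name, w in (("ADDNE", ADDNE), ("AND", AND_AL), ("BNE", BNE)):
        print(f"{name} {w:#010x}:")
        for bit, m in sorted(one_bit_neighbours(w).items()):
            print(f"  bit {bit:2d} -> {m}")
```

Bit 28 is the low bit of the condition field, and the encoding pairs each condition with its inverse on that bit, which is why code review for fault tolerance treats every key-dependent conditional instruction and loop branch as one bit away from its opposite.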
We have been able to reproduce all the aforementioned alterations on our chip
samples by running the probing programs without enabling the instruction cache,