Cryptography Reference
In-Depth Information
and thus allowing the code loading operations to be performed directly from mem-
ory. Since the alterations are chip-dependent, the exploitation of this kind of fault
requires us to precisely know which bit is affected by the fault, and thus to determine
which instruction substitutions are performed. Nonetheless, since our methodology
of probing does not compromise the computing architecture, it is possible to scan a
sample chip in order to understand which of these code mutations are performed and
to devise specific attacks.
16.4 Conclusion
This chapter reviews invasive and semi-invasive fault injection techniques, putting
forth a classification of the state-of-the-art methodologies in terms of high-cost and
low-cost injection equipment and methods. The fault model derived from the constant
underfeeding of a general-purpose microprocessor is fully characterized in order to
infer how faulty hardware behavior causes software errors. The induced faults have
been characterized in both position and corruption patterns, by splitting the effects
into two classes: data corruption and instruction substitution. The most appealing
features of the model derive from the ease of induction and the absence of future
hurdles caused by the continuing evolution of chip building techniques.
