Cryptography Reference
In-Depth Information
Chapter 17
Global Faults on Cryptographic Circuits
Sylvain Guilley and Jean-Luc Danger
Abstract
Methods of injecting faults in a laboratory are numerous and varied. We
divide the state of the art in methods of injecting faults in electronic circuits into
two categories. The first is global attacks, which disturb all the equipotentials of
a netlist simultaneously. The second is local attacks, which target a more specific
zone of the components' surface, rear or front. Global attacks are a less accurate
method of injecting faults but require a much lower budget. This chapter further
discusses the specifics of global versus local faults. Then, it provides models for
global faults and demonstrates that most theoretical fault attack constructions can be
obtained in practice by means of global fault injection. To illustrate this, we provide
an extensive characterization of fault models by emulation (FPGA) on application-
specific devices (ASICs). Finally, this chapter ends with an exhaustive survey of the
experimental means of injecting global faults and their effect as a critical path setup
time violation phenomenon.
17.1 Introduction
The behavior of electronic systems can be transiently or permanently modified as
soon as they are made to operate out of their specified functional environment. An
attacker can take advantage of this to mount active attacks, with a view to bypass or
defeat cryptographic mechanisms. Depending on the physical accessibility and the
tamper-resistance of the target device, an attacker can opt for either a global or a local
attack. A global attack can be induced by many vectors, such as glitches, on global
input or bidirectional lines, over-clocking, under-powering or heating. This contrasts
with local faults, caused by the exposure of a portion of a decapsulated component to
