Skip to main content
SpringerLink
Log in

Synchronization method for SCA and fault attacks

  • Regular Paper
  • Published:
Journal of Cryptographic Engineering Aims and scope Submit manuscript

Abstract

This paper shows how effectiveness of side-channel and fault attacks can be improved for devices running from internal clock sources. Due to frequency instability of internally clocked chips, attacking them was always a great challenge. A significant improvement was achieved by using a frequency injection locking technique via the power supply line of a chip. As a result, the analysis of a semiconductor chip can be accomplished with less effort and in shorter time. Successful synchronization was demonstrated on a secure microcontroller and a secure FPGA. This paper presents research into limits for synchronization and discusses possible countermeasures against frequency injection attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: CRYPTO’99, Santa Barbara, USA. LNCS, vol. 1666, pp. 388–397. Springer-Verlag (1999)

  2. Quisquater, J.-J., Samyde, D.: ElectroMagnetic analysis (EMA): measures and counter-measures for smard cards. In: Smart Card Programming and Security (E-smart 2001), Cannes, France. LNCS, vol. 2140, pp. 200–210. Springer-Verlag (2001)

  3. Messerges, T., Dabbish, E., Sloan, R.: Investigations of Power Analysis Attacks on Smartcards. In: USENIX Workshop on Smartcard Technology, Chicago, Illinois, USA (1999)

  4. Mangard S., Oswald E., Popp T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, New York (2007)

    MATH  Google Scholar 

  5. Sauvage, L., Guilley, S., Mathieu, Y.: Electromagnetic radiations of FPGAs: high spatial resolution cartography and attack of a cryptographic module. ACM Trans. Reconfigurable Technol. Syst. (TRETS), 2(1) (2009)

  6. Real, D., Canovas, C., Clediere, J., Drissi, M.: Defeating classical hardware countermesures: a new processing for side channel analysis. DATE2008, pp. 1274–1279 (2008)

  7. Kafi, M., Guilley, S., Marcello, S., Naccache, D.: Deconvolving protected signals. ARES2009, pp. 687–694 (2009)

  8. Ferrigno J., Hlava M.: When AES blinks: introducing optical side channel. IET Inf. Secur. 2(3), 94–98 (2008)

    Article  Google Scholar 

  9. Skorobogatov, S.: Using optical emission analysis for estimating contribution to power analysis. In: 6th Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC-2009), pp. 111–119, Lausanne, Switzerland. IEEE-CS Press (2009)

  10. Markettos, A.T., Moore, S.W.: The frequency injection attack on ring-oscillator-based true random number generators. In: Cryptographic Hardware and Embedded Systems Workshop (CHES-2009), Lausanne, Switzerland. LNCS, vol. 5747, pp. 317–331. Springer (2009)

  11. Kommerling. O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: USENIX Workshop on Smartcard Technology, Chicago, Illinois, USA (1999)

  12. RC Oscillator. Electronics-Tutorials.http://www.electronicstutorials.ws/oscillator/rc_oscillator.html.. Accessed 21 Jan 2011

  13. CMOS Oscillators. Fairchild Semiconductor. http://www12.fairchildsemi.com/an/AN/AN-118.pdf . Accessed 21 Jan 2011

  14. Adler R.: A study of locking phenomena in oscillators. Proc. IRE Waves Electrons 34, 351–357 (1946)

    Google Scholar 

  15. Razavi, B.: A study of injection pulling and locking in oscillators. In: IEEE Custom Integrated Circuits Conference, pp. 305–312 (2003)

  16. Texas Instruments MSP430C11x1, MSP430F11x1A Mixed Signal Microcontroller. http://focus.ti.com/lit/ds/symlink/msp430f1121a.pdf.. Accessed 21 Jan 2011

  17. Actel ProASIC3 Handbook. ProASIC3 Flash Family FPGAs. http://www.actel.com/documents/PA3_DS.pdf . Accessed 21 Jan 2011

  18. PIC16F62X Data Sheet. Flash-Based 8-Bit CMOS Microcontroller. http://ww1.microchip.com/downloads/en/DeviceDoc/40300C.pdf . Accessed 21 Jan 2011

  19. Skorobogatov, S.: 2010 Flash memory ’Bumping’ attacks. In: Cryptographic Hardware and Embedded Systems Workshop (CHES-2010) Santa Barbara, USA. LNCS, vol. 6225, pp. 158–172. Springer (2010)

Download references

Author information

Authors and Affiliations

  1. University of Cambridge Computer Laboratory, 15 JJ Thomson Avenue, Cambridge, CB3 0FD, UK

    Sergei Skorobogatov

Authors
  1. Sergei Skorobogatov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sergei Skorobogatov.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Skorobogatov, S. Synchronization method for SCA and fault attacks. J Cryptogr Eng 1, 71–77 (2011). https://doi.org/10.1007/s13389-011-0004-0

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13389-011-0004-0

Keywords

Search

Navigation