Skip to main content
SpringerLink
Log in

Detection of security vulnerabilities in cryptographic ICs against fault injection attacks based on compressed sensing and basis pursuit

  • Regular Paper
  • Published:
Journal of Cryptographic Engineering Aims and scope Submit manuscript

Abstract

Cryptographic integrated circuits (ICs) used to implement cryptographic algorithms have been widely applied to numerous security-critical environments nowadays. Fault injection is a powerful attack method on the cryptographic ICs, which will lead to the disclosure of secret information. Therefore, security detection under fault injection attacks has become very important. However, the existing security testing methods rely on experience to roughly judge the security of the chip through brute force testing, and they can not comprehensively locate and identify the security vulnerabilities. In this paper, we propose a novel method to detect security vulnerabilities of cryptographic ICs against fault injection attacks in the form of a linear programming problem based on compressed sensing (CS) and basis pursuit. We first identify sensitive logic cells of cryptographic IC in the design stage and then apply the incoherent observation method of CS to detect the states of these sensitive logic cells under fault injection attacks. Finally, according to the observation results, the vulnerability of these sensitive logic cells under fault injection attacks can be solved through linear programming. Thus, the security vulnerabilities are identified. Simulation results on a cryptographic IC demonstrate that the proposed method is capable to accurately identify the security vulnerabilities with negligible hardware overhead and is robust to noise interference. The identification of the security vulnerabilities is of great importance to security reinforcement and security evaluation.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12

Similar content being viewed by others

Data Availability

The datasets generated and analyzed during the current study are available from the corresponding author on reasonable request.

References

  1. Andráš, I., Dolinskỳ, P., Michaeli, L., Šaliga, J.: Sparse signal acquisition via compressed sensing and principal component analysis. Meas. Sci. Rev. 18(5), 175–182 (2018)

    Article  Google Scholar 

  2. Azar, K.Z., Kamali, H.M., Homayoun, H., Sasan, A.: From cryptography to logic locking: a survey on the architecture evolution of secure scan chains. IEEE Access 9, 73133–73151 (2021)

    Article  Google Scholar 

  3. Breier, J., Hou, X.: Introduction to fault analysis in cryptography. In: Automated Methods in Cryptographic Fault Analysis, pp. 1–10. Springer (2019)

  4. Breier, J., Jap, D., Chen, C.N.: Laser-based fault injection on microcontrollers. In: Fault Tolerant Architectures for Cryptography and Hardware Security, pp. 81–110. Springer (2018)

  5. Cohen, A., Dahmen, W., DeVore, R.: Orthogonal matching pursuit under the restricted isometry property. Constr. Approx. 45(1), 113–127 (2017)

    Article  MathSciNet  Google Scholar 

  6. Cooper, M., Schaffer, K.: Security requirements for cryptographic modules (2019)

  7. Dey, P., Rohit, R.S., Adhikari, A.: Full key recovery of acorn with a single fault. J. Inf. Secur. Appl. 29, 57–64 (2016)

    Google Scholar 

  8. Dutertre, J.M., Beroulle, V., Candelier, P., De C., S., Faber, L.B., Flottes, M., Gendrier, P., Hely, D., Leveugle, R., Maistri, P.: Laser fault injection at the cmos 28 nm technology node: an analysis of the fault model. In: 2018 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 1–6. IEEE (2018)

  9. Eslami, M., Ghavami, B., Raji, M., Mahani, A.: A survey on fault injection methods of digital integrated circuits. Integration 71, 154–163 (2020). https://doi.org/10.1016/j.vlsi.2019.11.006

    Article  Google Scholar 

  10. Gilbert, E.P.K., Kaliaperumal, B., Rajsingh, E.B., Lydia, M.: Trust based data prediction, aggregation and reconstruction using compressed sensing for clustered wireless sensor networks. Comput. Electr. Eng. 72, 894–909 (2018)

    Article  Google Scholar 

  11. Given-Wilson, T., Jafri, N., Legay, A.: The state of fault injection vulnerability detection. In: International Conference on Verification and Evaluation of Computer and Communication Systems, pp. 3–21. Springer (2018)

  12. Given-Wilson, T., Jafri, N., Legay, A.: Combined software and hardware fault injection vulnerability detection. Innov. Syst. Softw. Eng. 16(2), 101–120 (2020)

    Article  Google Scholar 

  13. Hauschild, F., Garb, K., Auer, L., Selmke, B., Obermaier, J.: Archie: A qemu-based framework for architecture-independent evaluation of faults. In: 2021 Workshop on Fault Detection and Tolerance in Cryptography (FDTC), pp. 20–30. IEEE (2021)

  14. Jin, J.: Application of compressive sensing technology and image processing in space exploration. In: Proceedings of the 7th International Conference on Cyber Security and Information Engineering, pp. 240–244 (2022)

  15. Kazemi, Z., Hely, D., Fazeli, M., Beroulle, V.: A review on evaluation and configuration of fault injection attack instruments to design attack resistant MCU-based IoT applications. Electronics 9(7), 1153 (2020)

    Article  Google Scholar 

  16. Lee, K.J., Liu, C.A., Wu, C.C.: A dynamic-key based secure scan architecture for manufacturing and in-field IC testing. IEEE Trans. Emerging Top. Comput. (2020)

  17. Li, H., Du, G., Shao, C., Dai, L., Xu, G., Guo, J.: Heavy-ion microbeam fault injection into SRAM-based FPGA implementations of cryptographic circuits. IEEE Trans. Nucl. Sci. 62(3), 1341–1348 (2015)

    Article  Google Scholar 

  18. Li, L., Fang, Y., Liu, L., Peng, H., Kurths, J., Yang, Y.: Overview of compressed sensing: sensing model, reconstruction algorithm, and its applications. Appl. Sci. 10(17), 5909 (2020)

    Article  Google Scholar 

  19. Petryk, D., Dyka, Z., Sorge, R., Schäffner, J., Langendörfer, P.: Optical fault injection attacks against radiation-hard shift registers. In: 2021 24th Euromicro Conference on Digital System Design (DSD), pp. 371–375. IEEE (2021)

  20. Polian, I.: Fault attacks on cryptographic circuits. In: 2019 17th IEEE International New Circuits and Systems Conference (NEWCAS), pp. 1–4 (2019). 10.1109/NEWCAS44328.2019.8961309

  21. Potestad-Ordóñez, F.E., Tena-Sánchez, E., Acosta-Jiménez, A.J., Jiménez-Fernández, C.J., Chaves, R.: Hardware countermeasures benchmarking against fault attacks. Appl. Sci. 12(5), 2443 (2022)

    Article  Google Scholar 

  22. Qin, Z., Fan, J., Liu, Y., Gao, Y., Li, G.Y.: Sparse representation for wireless communications: a compressive sensing approach. IEEE Signal Process. Mag. 35(3), 40–58 (2018)

    Article  Google Scholar 

  23. Richter-Brockmann, J., Sasdrich, P., Guneysu, T.: Revisiting fault adversary models–hardware faults in theory and practice. IEEE Trans. Comput. (2022)

  24. Rodriguez, J., Baldomero, A., Montilla, V., Mujal, J.: Llfi: Lateral laser fault injection attack. In: 2019 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 41–47. IEEE (2019)

  25. Saudy, N.F., Ali, I.A., Al Barkouky, R.: Error analysis and detection procedures for elliptic curve cryptography. Ain Shams Eng. J. 10(3), 587–597 (2019)

    Article  Google Scholar 

  26. Sedjelmaci, H., Senouci, S.M.: Cyber security methods for aerial vehicle networks: taxonomy, challenges and solution. J. Supercomput. 74(10), 4928–4944 (2018)

    Article  Google Scholar 

  27. Selmke, B., Pollanka, M., Duensing, A., Strieder, E., Wen, H., Mittermair, M., Sigl, G., et al.: On the application of two-photon absorption for laser fault injection attacks: pushing the physical boundaries for laser-based fault injection. IACR Trans. Cryptogr. Hardware and Embedded Syst. pp. 862–885 (2022)

  28. Selmke, B., Pollanka, M., Duensing, A., Strieder, E., Wen, H., Mittermair, M., Sigl, G., et al.: On the application of two-photon absorption for laser fault injection attacks: Pushing the physical boundaries for laser-based fault injection. IACR Trans. Cryptogr. Hardw. Embed. Syst. pp. 862–885 (2022)

  29. Selmke, B., Strieder, E., Heyszl, J., Freud, S., Damm, T.: Breaking black box crypto-devices using laser fault injection. In: International Symposium on Foundations and Practice of Security, pp. 75–90. Springer (2022)

  30. Shao, C., Li, H., Zhang, X.: Cryptographic implementation of rsa for ion fault injection attack. In: 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC), pp. 791–796. IEEE (2014)

  31. Shao, C., Li, H., Zhou, J.: Fast and automatic security test on cryptographic ICs against fault injection attacks based on design for security test. IET Inf. Secur. 11(6), 312–318 (2017)

    Article  Google Scholar 

  32. Shi, Y., Zhu, X.X., Yin, W., Bamler, R.: A fast and accurate basis pursuit denoising algorithm with application to super-resolving tomographic SAR. IEEE Trans. Geosci. Remote Sens. 56(10), 6148–6158 (2018)

    Google Scholar 

  33. Sravani, M.M., Durai, S.A.: Attacks on cryptosystems implemented via vlsi: a review. J. Inf. Secur. Appl. 60, 102,861 (2021)

  34. Tong, F., Li, L., Peng, H., Yang, Y.: Flexible construction of compressed sensing matrices with low storage space and low coherence. Signal Process. 182, 107,951 (2021)

  35. Traiola, M., Virazel, A., Girard, P., Barbareschi, M., Bosio, A.: A test pattern generation technique for approximate circuits based on an ILP-formulated pattern selection procedure. IEEE Trans. Nanotechnol. 18, 849–857 (2019)

    Article  Google Scholar 

  36. Wang, H., Li, H., Rahman, F., Tehranipoor, M.M., Farahmandi, F.: Sofi: security property-driven vulnerability assessments of ICS against fault-injection attacks. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 41(3), 452–465 (2021)

    Article  Google Scholar 

  37. Wang, J., Li, J., Wang, H., Zhang, L.Y., Cheng, L.M., Lin, Q.: Dynamic scalable elliptic curve cryptographic scheme and its application to in-vehicle security. IEEE Internet Things J. 6(4), 5892–5901 (2018)

    Article  Google Scholar 

  38. Wu, L., Ribera, G., Beringuier-Boher, N., Picek, S.: A fast characterization method for semi-invasive fault injection attacks. In: Topics in Cryptology–CT-RSA 2020: The Cryptographers’ Track at the RSA Conference 2020, San Francisco, CA, USA, February 24–28, 2020, Proceedings, pp. 146–170. Springer (2020)

  39. Zhang, Q., Chen, Y., Chen, Y., Chi, L., Wu, Y.: A cognitive signals reconstruction algorithm based on compressed sensing. In: 2015 IEEE 5th Asia-Pacific Conference on Synthetic Aperture Radar (APSAR), pp. 724–727. IEEE (2015)

Download references

Acknowledgements

This work was supported by National Natural Science Foundation of China with Grant No. 62004212, Basic and Applied Basic Research Foundation of Guangdong Province with Grant No. 2022A1515010284, Shenzhen Basic Research Project with Grant Nos. JCYJ20210324101210027, JCYJ20220818100814033, the Laboratory Open Fund of Beijing Smart-Chip Microelectronics Technology Co. Ltd. with Grant SGSC0000SJQT2207161, Shenzhen Key Laboratory of Electric Vehicle Powertrain Platform and Safety Technology, CAS Key Laboratory of Human–Machine Intelligence-Synergy Systems, Shenzhen Institute of Advanced Technology, and Guangdong-Hong Kong-Macao Joint Laboratory of Human–Machine Intelligence-Synergy Systems (No. 2019B121205007).

Author information

Authors and Affiliations

  1. Shenzhen Institute of Advanced Technology, Chinese Academy of Sciences, Shenzhen, 518055, China

    Cuiping Shao, Huiyun Li & Liuqing Yang

  2. State Grid Key Laboratory of Power Industrial Chip Reliability Technology, Beijing Smart-Chip Microelectronics Technology Co. Ltd., Beijing, 100192, China

    Dongyan Zhao, Song Cheng & Shunxian Gao

Authors
  1. Cuiping Shao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dongyan Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Huiyun Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Song Cheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Shunxian Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Liuqing Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

CS performed investigation, methodology, and writing-original draft preparation. DZ performed conceptualization and review. HL performed supervision and data analysis. SC performed the simulation experiment. SG performed drawing the figures. LY performed proofreading of the manuscript. All authors reviewed and approved the final version of the manuscript.

Corresponding author

Correspondence to Cuiping Shao.

Ethics declarations

Conflict of Interests

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Shao, C., Zhao, D., Li, H. et al. Detection of security vulnerabilities in cryptographic ICs against fault injection attacks based on compressed sensing and basis pursuit. J Cryptogr Eng 14, 57–70 (2024). https://doi.org/10.1007/s13389-023-00324-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13389-023-00324-2

Keywords

Search

Navigation