Abstract
Cryptographic integrated circuits (ICs) used to implement cryptographic algorithms have been widely applied to numerous security-critical environments nowadays. Fault injection is a powerful attack method on the cryptographic ICs, which will lead to the disclosure of secret information. Therefore, security detection under fault injection attacks has become very important. However, the existing security testing methods rely on experience to roughly judge the security of the chip through brute force testing, and they can not comprehensively locate and identify the security vulnerabilities. In this paper, we propose a novel method to detect security vulnerabilities of cryptographic ICs against fault injection attacks in the form of a linear programming problem based on compressed sensing (CS) and basis pursuit. We first identify sensitive logic cells of cryptographic IC in the design stage and then apply the incoherent observation method of CS to detect the states of these sensitive logic cells under fault injection attacks. Finally, according to the observation results, the vulnerability of these sensitive logic cells under fault injection attacks can be solved through linear programming. Thus, the security vulnerabilities are identified. Simulation results on a cryptographic IC demonstrate that the proposed method is capable to accurately identify the security vulnerabilities with negligible hardware overhead and is robust to noise interference. The identification of the security vulnerabilities is of great importance to security reinforcement and security evaluation.
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig1_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig2_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig3_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig4_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig5_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig6_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig7_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig8_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig9_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig10_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig11_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00324-2/MediaObjects/13389_2023_324_Fig12_HTML.png)
Similar content being viewed by others
Data Availability
The datasets generated and analyzed during the current study are available from the corresponding author on reasonable request.
References
Andráš, I., Dolinskỳ, P., Michaeli, L., Šaliga, J.: Sparse signal acquisition via compressed sensing and principal component analysis. Meas. Sci. Rev. 18(5), 175–182 (2018)
Azar, K.Z., Kamali, H.M., Homayoun, H., Sasan, A.: From cryptography to logic locking: a survey on the architecture evolution of secure scan chains. IEEE Access 9, 73133–73151 (2021)
Breier, J., Hou, X.: Introduction to fault analysis in cryptography. In: Automated Methods in Cryptographic Fault Analysis, pp. 1–10. Springer (2019)
Breier, J., Jap, D., Chen, C.N.: Laser-based fault injection on microcontrollers. In: Fault Tolerant Architectures for Cryptography and Hardware Security, pp. 81–110. Springer (2018)
Cohen, A., Dahmen, W., DeVore, R.: Orthogonal matching pursuit under the restricted isometry property. Constr. Approx. 45(1), 113–127 (2017)
Cooper, M., Schaffer, K.: Security requirements for cryptographic modules (2019)
Dey, P., Rohit, R.S., Adhikari, A.: Full key recovery of acorn with a single fault. J. Inf. Secur. Appl. 29, 57–64 (2016)
Dutertre, J.M., Beroulle, V., Candelier, P., De C., S., Faber, L.B., Flottes, M., Gendrier, P., Hely, D., Leveugle, R., Maistri, P.: Laser fault injection at the cmos 28 nm technology node: an analysis of the fault model. In: 2018 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 1–6. IEEE (2018)
Eslami, M., Ghavami, B., Raji, M., Mahani, A.: A survey on fault injection methods of digital integrated circuits. Integration 71, 154–163 (2020). https://doi.org/10.1016/j.vlsi.2019.11.006
Gilbert, E.P.K., Kaliaperumal, B., Rajsingh, E.B., Lydia, M.: Trust based data prediction, aggregation and reconstruction using compressed sensing for clustered wireless sensor networks. Comput. Electr. Eng. 72, 894–909 (2018)
Given-Wilson, T., Jafri, N., Legay, A.: The state of fault injection vulnerability detection. In: International Conference on Verification and Evaluation of Computer and Communication Systems, pp. 3–21. Springer (2018)
Given-Wilson, T., Jafri, N., Legay, A.: Combined software and hardware fault injection vulnerability detection. Innov. Syst. Softw. Eng. 16(2), 101–120 (2020)
Hauschild, F., Garb, K., Auer, L., Selmke, B., Obermaier, J.: Archie: A qemu-based framework for architecture-independent evaluation of faults. In: 2021 Workshop on Fault Detection and Tolerance in Cryptography (FDTC), pp. 20–30. IEEE (2021)
Jin, J.: Application of compressive sensing technology and image processing in space exploration. In: Proceedings of the 7th International Conference on Cyber Security and Information Engineering, pp. 240–244 (2022)
Kazemi, Z., Hely, D., Fazeli, M., Beroulle, V.: A review on evaluation and configuration of fault injection attack instruments to design attack resistant MCU-based IoT applications. Electronics 9(7), 1153 (2020)
Lee, K.J., Liu, C.A., Wu, C.C.: A dynamic-key based secure scan architecture for manufacturing and in-field IC testing. IEEE Trans. Emerging Top. Comput. (2020)
Li, H., Du, G., Shao, C., Dai, L., Xu, G., Guo, J.: Heavy-ion microbeam fault injection into SRAM-based FPGA implementations of cryptographic circuits. IEEE Trans. Nucl. Sci. 62(3), 1341–1348 (2015)
Li, L., Fang, Y., Liu, L., Peng, H., Kurths, J., Yang, Y.: Overview of compressed sensing: sensing model, reconstruction algorithm, and its applications. Appl. Sci. 10(17), 5909 (2020)
Petryk, D., Dyka, Z., Sorge, R., Schäffner, J., Langendörfer, P.: Optical fault injection attacks against radiation-hard shift registers. In: 2021 24th Euromicro Conference on Digital System Design (DSD), pp. 371–375. IEEE (2021)
Polian, I.: Fault attacks on cryptographic circuits. In: 2019 17th IEEE International New Circuits and Systems Conference (NEWCAS), pp. 1–4 (2019). 10.1109/NEWCAS44328.2019.8961309
Potestad-Ordóñez, F.E., Tena-Sánchez, E., Acosta-Jiménez, A.J., Jiménez-Fernández, C.J., Chaves, R.: Hardware countermeasures benchmarking against fault attacks. Appl. Sci. 12(5), 2443 (2022)
Qin, Z., Fan, J., Liu, Y., Gao, Y., Li, G.Y.: Sparse representation for wireless communications: a compressive sensing approach. IEEE Signal Process. Mag. 35(3), 40–58 (2018)
Richter-Brockmann, J., Sasdrich, P., Guneysu, T.: Revisiting fault adversary models–hardware faults in theory and practice. IEEE Trans. Comput. (2022)
Rodriguez, J., Baldomero, A., Montilla, V., Mujal, J.: Llfi: Lateral laser fault injection attack. In: 2019 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 41–47. IEEE (2019)
Saudy, N.F., Ali, I.A., Al Barkouky, R.: Error analysis and detection procedures for elliptic curve cryptography. Ain Shams Eng. J. 10(3), 587–597 (2019)
Sedjelmaci, H., Senouci, S.M.: Cyber security methods for aerial vehicle networks: taxonomy, challenges and solution. J. Supercomput. 74(10), 4928–4944 (2018)
Selmke, B., Pollanka, M., Duensing, A., Strieder, E., Wen, H., Mittermair, M., Sigl, G., et al.: On the application of two-photon absorption for laser fault injection attacks: pushing the physical boundaries for laser-based fault injection. IACR Trans. Cryptogr. Hardware and Embedded Syst. pp. 862–885 (2022)
Selmke, B., Pollanka, M., Duensing, A., Strieder, E., Wen, H., Mittermair, M., Sigl, G., et al.: On the application of two-photon absorption for laser fault injection attacks: Pushing the physical boundaries for laser-based fault injection. IACR Trans. Cryptogr. Hardw. Embed. Syst. pp. 862–885 (2022)
Selmke, B., Strieder, E., Heyszl, J., Freud, S., Damm, T.: Breaking black box crypto-devices using laser fault injection. In: International Symposium on Foundations and Practice of Security, pp. 75–90. Springer (2022)
Shao, C., Li, H., Zhang, X.: Cryptographic implementation of rsa for ion fault injection attack. In: 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC), pp. 791–796. IEEE (2014)
Shao, C., Li, H., Zhou, J.: Fast and automatic security test on cryptographic ICs against fault injection attacks based on design for security test. IET Inf. Secur. 11(6), 312–318 (2017)
Shi, Y., Zhu, X.X., Yin, W., Bamler, R.: A fast and accurate basis pursuit denoising algorithm with application to super-resolving tomographic SAR. IEEE Trans. Geosci. Remote Sens. 56(10), 6148–6158 (2018)
Sravani, M.M., Durai, S.A.: Attacks on cryptosystems implemented via vlsi: a review. J. Inf. Secur. Appl. 60, 102,861 (2021)
Tong, F., Li, L., Peng, H., Yang, Y.: Flexible construction of compressed sensing matrices with low storage space and low coherence. Signal Process. 182, 107,951 (2021)
Traiola, M., Virazel, A., Girard, P., Barbareschi, M., Bosio, A.: A test pattern generation technique for approximate circuits based on an ILP-formulated pattern selection procedure. IEEE Trans. Nanotechnol. 18, 849–857 (2019)
Wang, H., Li, H., Rahman, F., Tehranipoor, M.M., Farahmandi, F.: Sofi: security property-driven vulnerability assessments of ICS against fault-injection attacks. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 41(3), 452–465 (2021)
Wang, J., Li, J., Wang, H., Zhang, L.Y., Cheng, L.M., Lin, Q.: Dynamic scalable elliptic curve cryptographic scheme and its application to in-vehicle security. IEEE Internet Things J. 6(4), 5892–5901 (2018)
Wu, L., Ribera, G., Beringuier-Boher, N., Picek, S.: A fast characterization method for semi-invasive fault injection attacks. In: Topics in Cryptology–CT-RSA 2020: The Cryptographers’ Track at the RSA Conference 2020, San Francisco, CA, USA, February 24–28, 2020, Proceedings, pp. 146–170. Springer (2020)
Zhang, Q., Chen, Y., Chen, Y., Chi, L., Wu, Y.: A cognitive signals reconstruction algorithm based on compressed sensing. In: 2015 IEEE 5th Asia-Pacific Conference on Synthetic Aperture Radar (APSAR), pp. 724–727. IEEE (2015)
Acknowledgements
This work was supported by National Natural Science Foundation of China with Grant No. 62004212, Basic and Applied Basic Research Foundation of Guangdong Province with Grant No. 2022A1515010284, Shenzhen Basic Research Project with Grant Nos. JCYJ20210324101210027, JCYJ20220818100814033, the Laboratory Open Fund of Beijing Smart-Chip Microelectronics Technology Co. Ltd. with Grant SGSC0000SJQT2207161, Shenzhen Key Laboratory of Electric Vehicle Powertrain Platform and Safety Technology, CAS Key Laboratory of Human–Machine Intelligence-Synergy Systems, Shenzhen Institute of Advanced Technology, and Guangdong-Hong Kong-Macao Joint Laboratory of Human–Machine Intelligence-Synergy Systems (No. 2019B121205007).
Author information
Authors and Affiliations
Contributions
CS performed investigation, methodology, and writing-original draft preparation. DZ performed conceptualization and review. HL performed supervision and data analysis. SC performed the simulation experiment. SG performed drawing the figures. LY performed proofreading of the manuscript. All authors reviewed and approved the final version of the manuscript.
Corresponding author
Ethics declarations
Conflict of Interests
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Shao, C., Zhao, D., Li, H. et al. Detection of security vulnerabilities in cryptographic ICs against fault injection attacks based on compressed sensing and basis pursuit. J Cryptogr Eng 14, 57–70 (2024). https://doi.org/10.1007/s13389-023-00324-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13389-023-00324-2