ABSTRACT
Assessment of the security provided by a fault attack countermeasure is challenging, given that a protected cipher may leak the key if the countermeasure is not designed correctly. This paper proposes, for the first time, a statistical framework to detect information leakage in fault attack countermeasures. Based on the concept of non-interference, we formalize the leakage for fault attacks and provide a t-test based methodology for leakage assessment. One major strength of the proposed framework is that leakage can be detected without the complete knowledge of the countermeasure algorithm, solely by observing the faulty ciphertext distributions. Experimental evaluation over a representative set of countermeasures establishes the efficacy of the proposed methodology.