Fault Attack Detection in AES by Monitoring Power Side-Channel Statistics

Abstract

Differential Fault Analysis (DFA) is a cryptoanalysis technique to extract internal state of crypto-algorithms by inducing and propagating the faults during encryption. In this work, we present a low-power CMOS based mixed-signal framework for on-line DFA-based clock-glitch attack detection by monitoring power side-channel statistics. We discuss non-parametric kernel density estimation (KDE)-based technique to develop statistical model of power side-channel leakage. Clock-glitch attack is detected by identifying the low-likelihood samples using the developed statistical model. We have implemented KDE using CMOS current-mode Gilbert Gaussian Circuit-based Gaussian kernels. AES-128 was implemented on ARM Microcontroller by ST Microelectronics and Chip Whisperer-lite board was used to launch clock-glitch attack as well as capture power side-channel traces. We have evaluated the performance of our approach using power side-channel trace with clock-glitch attacks. We have adopted sliding window approach to update the statistical model in real-time. Discussed CMOS-based mixed-signal framework was designed at 45nm technology node and proposed design on an average consumes $\sim\mathbf{210}\mu\mathbf{W}$ at 2 MHz sampling frequency while utilizing 10 recently validated samples for PDF estimation. Moreover, discussed approach allows programming of parameters such as kernel standard deviation $(Kernel_{SD})$ and likelihood-threshold $(LH_{Thres})$ for high efficiency detection.