On the Need of Randomness in Fault Attack Countermeasures - Application to AES

Abstract

Recent works show that a combination of perturbation and observation attacks on symmetric ciphers thwarts state-of-the-art countermeasures. In this paper, we first propose a new way - to our knowledge - to classify fault attacks against block ciphers, allowing us to exhibit their capacity to be combined with observation attacks. We then present a set of common protections against side-channel and fault attacks, namely higher-order masking schemes, detection and infection countermeasures, and how they can be combined. We show that the combination of a higher-order masking scheme and a detection countermeasure can actually be defeated by a slight variant of the combined attack of Roche et al., even if one applies their patch. Furthermore, we also demonstrate that none of the published infection countermeasures is robust against fault attacks. Finally, using randomness, we propose a set of enhanced countermeasures that thwart considered threats.