SPFA: SFA on Multiple Persistent Faults

2020 Workshop on Fault Detection and Tolerance in Cryptography (FDTC) Pub Date : 2020-09-01 DOI:10.1109/FDTC51366.2020.00014

Susanne Engels, Falk Schellenberg, C. Paar

{"title":"SPFA: SFA on Multiple Persistent Faults","authors":"Susanne Engels, Falk Schellenberg, C. Paar","doi":"10.1109/FDTC51366.2020.00014","DOIUrl":null,"url":null,"abstract":"For classical fault analysis, a transient fault is required to be injected during runtime, e.g., only at a specific round. Instead, Persistent Fault Analysis (PFA) introduces a powerful class of fault attacks that allows for a fault to be present throughout the whole execution. One limitation of original PFA as introduced by Zhang et al. at CHES'18 is that the adversary needs know (or brute-force) the faulty values prior to the analysis. While this was addressed at a follow-up work at CHES'20, the solution is only applicable to a single faulty value. Instead, we use the potency of Statistical Fault Analysis (SFA) in the persistent fault setting, presenting Statistical Persistent Fault Analysis (SPFA) as a more general approach of PFA. As a result, any or even a multitude of unknown faults that cause an exploitable bias in the targeted round can be used to recover the cipher's secret key. Indeed, the undesired faults in the other rounds that occur due the persistent nature of the attack converge to a uniform distribution as required by SFA. We verify the effectiveness of our attack against LED and AES.","PeriodicalId":168420,"journal":{"name":"2020 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FDTC51366.2020.00014","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

For classical fault analysis, a transient fault is required to be injected during runtime, e.g., only at a specific round. Instead, Persistent Fault Analysis (PFA) introduces a powerful class of fault attacks that allows for a fault to be present throughout the whole execution. One limitation of original PFA as introduced by Zhang et al. at CHES'18 is that the adversary needs know (or brute-force) the faulty values prior to the analysis. While this was addressed at a follow-up work at CHES'20, the solution is only applicable to a single faulty value. Instead, we use the potency of Statistical Fault Analysis (SFA) in the persistent fault setting, presenting Statistical Persistent Fault Analysis (SPFA) as a more general approach of PFA. As a result, any or even a multitude of unknown faults that cause an exploitable bias in the targeted round can be used to recover the cipher's secret key. Indeed, the undesired faults in the other rounds that occur due the persistent nature of the attack converge to a uniform distribution as required by SFA. We verify the effectiveness of our attack against LED and AES.

查看原文本刊更多论文

SPFA: SFA on Multiple Persistent fault

对于经典的故障分析，需要在运行期间注入瞬态故障，例如，仅在特定的一轮。相反，持久性故障分析(PFA)引入了一类强大的故障攻击，允许在整个执行过程中出现故障。Zhang等人在CHES'18上介绍的原始PFA的一个限制是，攻击者需要在分析之前知道(或暴力破解)错误的值。虽然在CHES'20的后续工作中解决了这一问题，但该解决方案仅适用于单个故障值。相反，我们在持久故障设置中使用统计故障分析(SFA)的效力，将统计持久故障分析(SPFA)作为PFA的更通用方法。因此，在目标轮中导致可利用偏差的任何甚至大量未知错误都可以用来恢复密码的秘密密钥。实际上，由于攻击的持久性而发生的其他回合中不希望出现的故障收敛到SFA要求的均匀分布。我们验证了针对LED和AES攻击的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)

自引率

0.00%

发文量