2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC): latest publications

A Practical Fault Attack on ARX-Like Ciphers with a Case Study on ChaCha20
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-12-01 DOI: 10.1109/FDTC.2017.14
S. V. Dilip Kumar, Sikhar Patranabis, J. Breier, Debdeep Mukhopadhyay, S. Bhasin, A. Chattopadhyay, Anubhab Baksi
Abstract: This paper presents the first practical fault attack on the ChaCha family of addition-rotation-XOR (ARX)-based stream ciphers. ChaCha has recently been deployed for speeding up and strengthening HTTPS connections for Google Chrome on Android devices. In this paper, we propose differential fault analysis attacks on ChaCha without resorting to nonce misuse. We use the instruction skip and instruction replacement fault models, which are popularly mounted on microcontroller-based cryptographic implementations. We corroborate the attack propositions via practical fault injection experiments using a laser-based setup targeting an Atmel AVR 8-bit microcontroller-based implementation of ChaCha. Each of the proposed attacks can be repeated with 100% accuracy in our fault injection setup, and can recover the entire 256-bit secret key using 5-8 fault injections on average.
Citations: 29
Escalating Privileges in Linux Using Voltage Fault Injection
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-09-01 DOI: 10.1109/FDTC.2017.16
N. Timmers, Cristofaro Mune
Abstract: Today's standard embedded device technology is not robust against Fault Injection (FI) attacks such as Voltage Fault Injection (V-FI). FI attacks can be used to alter the intended behavior of software and hardware of embedded devices. Most FI research focuses on breaking the implementation of cryptographic algorithms. However, this paper's contribution is in showing that FI attacks are effective at altering the intended behavior of large and complex code bases like the Linux Operating System (OS) when executed by a fast and feature-rich System-on-Chip (SoC). More specifically, we show three attacks where full control of the Linux OS is achieved from an unprivileged context using V-FI. These attacks target standard Linux OS functionality and operate in the absence of any logical vulnerability. We assume an attacker that has already achieved unprivileged code execution. The practicality of the attacks is demonstrated using a commercially available V-FI test bench and a commercially available ARM Cortex-A9 SoC development board. Finally, we discuss mitigations to lower the probability and minimize the impact of a successful FI attack on complex systems like the Linux OS.
Citations: 50
Exploiting Bitflip Detector for Non-invasive Probing and its Application to Ineffective Fault Analysis
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-09-01 DOI: 10.1109/FDTC.2017.17
T. Sugawara, Natsu Shoji, K. Sakiyama, Kohei Matsuda, N. Miura, M. Nagata
Abstract: Matsuda et al. proposed a countermeasure against laser fault injection that uses distributed on-chip sensors. The sensor raises an alarm by detecting an electrical phenomenon caused in conjunction with a bitflip. A cryptographic module can stop releasing a faulty ciphertext by using the alarm. In this paper, the security and limitations of the countermeasure by Matsuda et al. are rigorously evaluated. We show that an attacker can get side-channel information by observing how the sensors react to laser fault injection. That enables the attacker to probe intermediate values in a chip non-invasively. On the one hand, under a chosen-plaintext setting, the laser-based probing makes it possible to run the conventional probing attack on AES by Schmidt and Kim. On the other hand, under a ciphertext-only setting, the laser-based probing raises a new challenge: the attacker is given correct ciphertexts and corresponding single-bit probing results. We propose a new ineffective fault analysis against AES based on linear cryptanalysis that can be used in the above setting.
Citations: 4
Laser-Induced Fault Injection on Smartphone Bypassing the Secure Boot
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-09-01 DOI: 10.1109/FDTC.2017.18
Aurélien Vasselle, Hugues Thiebeauld, Q. Maouhoub, A. Morisset, S. Ermeneux
Abstract: This paper describes the outcome of a laser attack study on an Android smartphone targeting specifically the secure boot sequence. Laser fault injection has become a classical attack path in the secure chip industry to investigate potential security mitigations. The implementation of such attacks on a recent mobile phone remains relatively unexplored and represents different challenges, both at hardware and software levels. In this paper, we show how the device is prepared to get direct access to the silicon and explain the corresponding experimental setup. By inserting our own software into the boot sequence, it was possible to achieve a fine characterization of the die's sensitivity to light. With the knowledge of potential perturbations, it was possible to build an attack scenario that malevolently obtains the highest level of privilege within the mobile phone.
Citations: 43
CAMFAS: A Compiler Approach to Mitigate Fault Attacks via Enhanced SIMDization
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-09-01 DOI: 10.1109/FDTC.2017.10
Zhi Chen, Junjie Shen, A. Nicolau, A. Veidenbaum, N. F. Ghalaty, Rosario Cammarota
Abstract: The trend of supporting wide vector units in general-purpose microprocessors suggests opportunities for developing a new and elegant compilation approach to mitigate the impact of faults on cryptographic implementations, which we present in this work. We propose a compilation flow, CAMFAS, to automatically and selectively introduce vectorization in a cryptographic library, translating a vanilla library into a library with vectorized code that is resistant to glitches. Unlike in traditional vectorization, the proposed compilation flow uses the extent of the vectors to introduce spatial redundancy in the intermediate computations. By doing so, without significantly increasing code size and execution time, the compilation flow provides sufficient redundancy in the data to detect errors in the intermediate values of the computation. Experimental results show that the proposed approach only generates an average of 26% more dynamic instructions over a series of asymmetric cryptographic algorithms in the Libgcrypt library.
Citations: 17
AutoFault: Towards Automatic Construction of Algebraic Fault Attacks
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-09-01 DOI: 10.1109/FDTC.2017.13
Jan Burchard, Mael Gay, Ange-Salomé Messeng Ekossono, J. Horácek, B. Becker, Tobias Schubert, M. Kreuzer, I. Polian
Abstract: A prototype of the framework AutoFault, which automatically constructs fault-injection attacks for hardware realizations of ciphers, is presented. AutoFault can be used to quickly evaluate the resistance of security-critical hardware blocks to fault attacks and the adequacy of implemented countermeasures. The framework takes as inputs solely the circuit description of the cipher and the fault(s) and produces an algebraic formula that can be handed over to an external solver. In contrast to previous work, attacks constructed by AutoFault do not incorporate any cipher-specific cryptanalytic derivations, making the framework accessible to users without cryptographic background. We report successful application of AutoFault in combination with a state-of-the-art SAT solver to LED-64 and to small-scale AES. To the best of our knowledge, this is the first time that a state-of-the-art cipher (LED-64) was broken by a fault attack with no prior manual cryptanalysis whatsoever.
Citations: 20
Practical Fault Attack against the Ed25519 and EdDSA Signature Schemes
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-09-01 DOI: 10.1109/FDTC.2017.12
Yolan Romailler, Sylvain Pelissier
Abstract: The Edwards-curve Digital Signature Algorithm (EdDSA) was proposed to perform fast public-key digital signatures as a replacement for the Elliptic Curve Digital Signature Algorithm (ECDSA). Its key advantages for embedded devices are higher performance and straightforward, secure implementations. Indeed, neither branch nor lookup operations depending on the secret values are performed during a signature. These properties thwart many side-channel attacks. Nevertheless, we demonstrate here that a single-fault attack against EdDSA can recover enough private key material to forge valid signatures for any message. We demonstrate a practical application of this attack against an implementation on Arduino Nano. To the authors' best knowledge, this is the first practical fault attack against EdDSA or Ed25519.
Citations: 35
Safety != Security: On the Resilience of ASIL-D Certified Microcontrollers against Fault Injection Attacks
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-09-01 DOI: 10.1109/FDTC.2017.15
Nils Wiersma, Ramiro Pareja
Abstract: With the ever-increasing amount of electronic components in vehicles and in particular the amount of complex autonomous actions that these components perform, security topics become more and more important in the automotive industry. Not only from a business point of view, as valuable IP assets are contained within these components, but also from a safety point of view, especially when vulnerabilities lead to remotely exploitable attacks. Logical attacks in this field are abundant, but attacks using hardware-centered techniques such as fault injection are underrepresented. Researchers and professionals often pay no attention to these attacks because they require physical access to the chip, ignoring that the assets obtained (e.g. firmware, keys, etc.) can be used later to prepare a remote attack. This work aims to address the lack of attention on fault injection attacks by investigating two modern microcontroller units that receive the highest safety assurance rating (ASIL-D) of the ISO 26262 automotive standard. This is done in both a theoretical characterization setup and a more realistic setup where debugging interfaces are targeted. The results obtained from these setups show that the mechanisms implemented to adhere to this maximum safety rating do not adequately protect against fault injection attacks and are therefore insufficient to ensure security by themselves — additional countermeasures are required. Each setup required approximately one week of preparation, but once the attacker finds the optimal fault injection parameters, the attack can be repeated in less than an hour. We provide some recommendations on what type of countermeasures should be considered to improve the security with respect to fault injection attacks and also provide several pointers to continue the security research in this area.
Citations: 22
One Plus One is More than Two: A Practical Combination of Power and Fault Analysis Attacks on PRESENT and PRESENT-Like Block Ciphers
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) Pub Date : 2017-09-01 DOI: 10.1109/FDTC.2017.11
Sikhar Patranabis, J. Breier, Debdeep Mukhopadhyay, S. Bhasin
Abstract: We present the first practically realizable side-channel assisted fault attack on PRESENT that can retrieve the last round key efficiently using single nibble faults. The attack demonstrates how side-channel leakage can allow the adversary to precisely determine the fault mask resulting from a nibble fault injection instance. We first demonstrate the viability of such an attack model via side-channel analysis experiments on top of a laser-based fault injection setup, targeting a PRESENT-80 implementation on an ATmega328P microcontroller. Subsequently, we present a differential fault analysis (DFA) exploiting the knowledge of the output fault mask in the target round to recover multiple last round key nibbles independently and in parallel. Both analytically and through experimental evidence, we show that the combined attack can recover the last round key of PRESENT with 4 random nibble fault injections in the best case, and around 7-8 nibble fault injections in the average case. Our attack sheds light on a hitherto unexplored vulnerability of PRESENT and PRESENT-like block ciphers that use bit-permutations instead of maximum distance separable (MDS) layers for diffusion.
Citations: 24