在盲环境中利用统计有效故障攻击

IF 1.3 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security Pub Date : 2023-06-23 DOI:10.1049/ise2.12121

Navid Vafaei, Hadi Soleimany, Nasour Bagheri

{"title":"在盲环境中利用统计有效故障攻击","authors":"Navid Vafaei, Hadi Soleimany, Nasour Bagheri","doi":"10.1049/ise2.12121","DOIUrl":null,"url":null,"abstract":"<p>In order to obtain the secret key, the majority of physical attacks require knowledge of the plaintext or ciphertext, which may be unavailable or cannot be exploited. Blind attacks are introduced to do key recovery in circumstances where the adversary has no direct access to plaintext and ciphertext. A combination of fault and power attacks can circumvent typical countermeasures in this setting, for example, Fault Template Attack (FTA). However, FTA relies on bit fault injection, which is difficult to implement in practice. The SIFA-blind, a framework for executing the Statistical Ineffective Fault Attack, is more flexible, but sensitivity to setup noise and missed faults is its main drawback. To address this deficiency, we suggest two ways to use Statistical Effective Fault Attack in a blind setting that are much less affected by missed faults and noise when measuring power traces, even though they do not use fault injection at the bit level. In order to demonstrate the viability and adaptability of our proposed attacks, we injected a fault via glitch frequency onto the ChipWhisperer board. While SEFA-blind does not need a bit-level fault, our results demonstrate that it is better than SIFA-blind when the number of missed faults increases.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"639-646"},"PeriodicalIF":1.3000,"publicationDate":"2023-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12121","citationCount":"0","resultStr":"{\"title\":\"Exploiting statistical effective fault attack in a blind setting\",\"authors\":\"Navid Vafaei, Hadi Soleimany, Nasour Bagheri\",\"doi\":\"10.1049/ise2.12121\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>In order to obtain the secret key, the majority of physical attacks require knowledge of the plaintext or ciphertext, which may be unavailable or cannot be exploited. Blind attacks are introduced to do key recovery in circumstances where the adversary has no direct access to plaintext and ciphertext. A combination of fault and power attacks can circumvent typical countermeasures in this setting, for example, Fault Template Attack (FTA). However, FTA relies on bit fault injection, which is difficult to implement in practice. The SIFA-blind, a framework for executing the Statistical Ineffective Fault Attack, is more flexible, but sensitivity to setup noise and missed faults is its main drawback. To address this deficiency, we suggest two ways to use Statistical Effective Fault Attack in a blind setting that are much less affected by missed faults and noise when measuring power traces, even though they do not use fault injection at the bit level. In order to demonstrate the viability and adaptability of our proposed attacks, we injected a fault via glitch frequency onto the ChipWhisperer board. While SEFA-blind does not need a bit-level fault, our results demonstrate that it is better than SIFA-blind when the number of missed faults increases.</p>\",\"PeriodicalId\":50380,\"journal\":{\"name\":\"IET Information Security\",\"volume\":\"17 4\",\"pages\":\"639-646\"},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2023-06-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12121\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Information Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/ise2.12121\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Information Security","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/ise2.12121","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

为了获得密钥，大多数物理攻击都需要明文或密文的知识，而明文或密文可能不可用或无法利用。在对手无法直接访问明文和密文的情况下，引入盲攻击来进行密钥恢复。故障和电源攻击的组合可以规避此设置中的典型对策，例如故障模板攻击（FTA）。然而，FTA依赖于位故障注入，这在实践中很难实现。SIFA盲是一种用于执行统计无效故障攻击的框架，它更灵活，但对设置噪声和遗漏故障的敏感性是它的主要缺点。为了解决这一缺陷，我们提出了两种在盲设置中使用统计有效故障攻击的方法，即使它们不在位级别使用故障注入，但在测量功率迹线时，它们受遗漏故障和噪声的影响要小得多。为了证明我们提出的攻击的可行性和适应性，我们通过故障频率在ChipWhisperer板上注入了一个故障。虽然SEFA盲不需要位级故障，但我们的结果表明，当遗漏故障数量增加时，它比SIFA盲更好。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

Exploiting statistical effective fault attack in a blind setting

查看原文本刊更多论文

Exploiting statistical effective fault attack in a blind setting

In order to obtain the secret key, the majority of physical attacks require knowledge of the plaintext or ciphertext, which may be unavailable or cannot be exploited. Blind attacks are introduced to do key recovery in circumstances where the adversary has no direct access to plaintext and ciphertext. A combination of fault and power attacks can circumvent typical countermeasures in this setting, for example, Fault Template Attack (FTA). However, FTA relies on bit fault injection, which is difficult to implement in practice. The SIFA-blind, a framework for executing the Statistical Ineffective Fault Attack, is more flexible, but sensitivity to setup noise and missed faults is its main drawback. To address this deficiency, we suggest two ways to use Statistical Effective Fault Attack in a blind setting that are much less affected by missed faults and noise when measuring power traces, even though they do not use fault injection at the bit level. In order to demonstrate the viability and adaptability of our proposed attacks, we injected a fault via glitch frequency onto the ChipWhisperer board. While SEFA-blind does not need a bit-level fault, our results demonstrate that it is better than SIFA-blind when the number of missed faults increases.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IET Information Security 工程技术-计算机：理论方法

CiteScore

3.80

自引率

7.10%

发文量

审稿时长

8.6 months

期刊介绍： IET Information Security publishes original research papers in the following areas of information security and cryptography. Submitting authors should specify clearly in their covering statement the area into which their paper falls. Scope: Access Control and Database Security Ad-Hoc Network Aspects Anonymity and E-Voting Authentication Block Ciphers and Hash Functions Blockchain, Bitcoin (Technical aspects only) Broadcast Encryption and Traitor Tracing Combinatorial Aspects Covert Channels and Information Flow Critical Infrastructures Cryptanalysis Dependability Digital Rights Management Digital Signature Schemes Digital Steganography Economic Aspects of Information Security Elliptic Curve Cryptography and Number Theory Embedded Systems Aspects Embedded Systems Security and Forensics Financial Cryptography Firewall Security Formal Methods and Security Verification Human Aspects Information Warfare and Survivability Intrusion Detection Java and XML Security Key Distribution Key Management Malware Multi-Party Computation and Threshold Cryptography Peer-to-peer Security PKIs Public-Key and Hybrid Encryption Quantum Cryptography Risks of using Computers Robust Networks Secret Sharing Secure Electronic Commerce Software Obfuscation Stream Ciphers Trust Models Watermarking and Fingerprinting Special Issues. Current Call for Papers: Security on Mobile and IoT devices - https://digital-library.theiet.org/files/IET_IFS_SMID_CFP.pdf