Cryptology ePrint Archive: Report 2014/927

Physical functions : the common factor of side-channel and fault attacks ?

Bruno Robisson and Hélène Le Bouder

Abstract: Security is a key component for information technologies and communication. Among the security threats, a very important one is certainly due to vulnerabilities of the integrated circuits that implement cryptographic algorithms. These electronic devices (such as smartcards) could fall into the hands of malicious people and then could be sub- ject to \physical attacks". These attacks are generally classi ed into two categories : fault and side-channel attacks. One of the main challenges to secure circuits against such attacks is to propose methods and tools to estimate as soundly as possible, the eciency of protections. Numer- ous works attend to provide tools based on sound statistical techniques but, to our knowledge, only address side-channel attacks. In this article, a formal link between fault and side-channel attacks is presented. The common factor between them is what we called the 'physical' function which is an extension of the concept of 'leakage function' widely used in side-channel community. We think that our work could make possible the re-use (certainly modulo some adjustments) for fault attacks of the strong theoretical background developed for side-channel attacks. This work could also make easier the combination of side-channel and fault attacks and thus, certainly could facilitate the discovery of new attack paths. But more importantly, the notion of physical functions opens from now new challenges about estimating the protection of circuits.

Category / Keywords: implementation / Di erential Power Analysis, Di erential Fault Analysis, Di erential Behavioural Analysis, Template Attacks, Fault Sensitivity Analysis, AES128

Date: received 11 Nov 2014

Contact author: bruno robisson at cea fr

Available format(s): PDF | BibTeX Citation

Version: 20141112:083430 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]