Cryptology ePrint Archive: Report 2016/932
Mistakes Are Proof That You Are Trying: On Verifying Software Encoding Schemes' Resistance to Fault Injection Attacks
Jakub Breier and Dirmanto Jap and Shivam Bhasin
Abstract: Software encoding countermeasures are becoming increasingly popular among researchers proposing code-level prevention against data-dependent leakage allowing an attacker to mount a side-channel attack. Recent trends show that it is possible to design a solution that does not require excessive overhead and yet provides a reasonable security level. However, if the device leakage is hard to be observed, attacker can simply switch to a different class of physical attacks, such as fault injection attack.
Instead of stacking several layers of countermeasures, it is always more convenient to choose one that provides decent protection against several attack methods. Therefore, in our paper we use our custom designed code analyzer to formally inspect a recently proposed software encoding countermeasure based on device-specific encoding function, and compare it with other solutions, either based on balanced look-up tables or balanced encoding. We also provide an experimental validation, using the laser fault injection setup.
Our results show that the device-specific encoding scheme provides a good protection against fault injection attacks, being capable of preventing majority of faults using different fault models.
Category / Keywords: implementation / software encoding schemes, formal code analysis, fault injection attacks, countermeasures
Original Publication (in the same form): Accepted to PROOFS 2016
Date: received 26 Sep 2016, last revised 27 Sep 2016
Contact author: jbreier at ntu edu sg
Available format(s): PDF | BibTeX Citation
Version: 20160928:030108 (All versions of this report)
Short URL: ia.cr/2016/932
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]