Cryptology ePrint Archive: Report 2016/932

Mistakes Are Proof That You Are Trying: On Verifying Software Encoding Schemes' Resistance to Fault Injection Attacks

Jakub Breier and Dirmanto Jap and Shivam Bhasin

Abstract: Software encoding countermeasures are becoming increasingly popular among researchers proposing code-level prevention against data-dependent leakage allowing an attacker to mount a side-channel attack. Recent trends show that it is possible to design a solution that does not require excessive overhead and yet provides a reasonable security level. However, if the device leakage is hard to be observed, attacker can simply switch to a different class of physical attacks, such as fault injection attack. Instead of stacking several layers of countermeasures, it is always more convenient to choose one that provides decent protection against several attack methods. Therefore, in our paper we use our custom designed code analyzer to formally inspect a recently proposed software encoding countermeasure based on device-specific encoding function, and compare it with other solutions, either based on balanced look-up tables or balanced encoding. We also provide an experimental validation, using the laser fault injection setup. Our results show that the device-specific encoding scheme provides a good protection against fault injection attacks, being capable of preventing majority of faults using different fault models.

Category / Keywords: implementation / software encoding schemes, formal code analysis, fault injection attacks, countermeasures

Original Publication (in the same form): Accepted to PROOFS 2016

Date: received 26 Sep 2016, last revised 27 Sep 2016

Contact author: jbreier at ntu edu sg

Available format(s): PDF | BibTeX Citation

Version: 20160928:030108 (All versions of this report)

Short URL: ia.cr/2016/932

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]