Paper 2017/829

Automated Fault Analysis of Assembly Code (With a Case Study on PRESENT Implementation)

Jakub Breier and Xiaolu Hou

Abstract

Fault injection attack models are normally determined by analyzing the cipher structure and finding exploitable spots in non-linear and diffusion layers. However, this level of abstraction is often too high to distinguish vulnerable parts of software implementations, due to specific operations and optimizations. On the other hand, manually analyzing the assembly code requires non-negligible amount of time and expertise. In this paper, we propose an automated approach for analyzing cipher implementations in assembly. We represent the whole assembly program as a graph, allowing us to find vulnerable spots efficiently. Fault propagation is analyzed in a subgraph constructed from each vulnerable spot, allowing us to automatically generate equations for differential fault analysis. We have created a tool that implements our approach: ATLAS - Automated TooL for Assembly analysiS. We have successfully used this tool for attacking PRESENT-80, being able to find implementation-specific vulnerabilities that can be exploited in order to recover the secret key with 16 faults. Our results show that ATLAS is useful in finding attack spots that are not visible from the cipher structure, but can be easily exploited when dealing with real-world implementations.