Cryptology ePrint Archive: Report 2018/071

SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography

Christoph Dobraunig and Maria Eichlseder and Thomas Korak and Stefan Mangard and Florian Mendel and Robert Primas

Abstract: Since the seminal work of Boneh et al., the threat of fault attacks has been widely known and techniques for fault attacks and countermeasures have been studied extensively. The vast majority of the literature on fault attacks focuses on the ability of fault attacks to change an intermediate value to a faulty one, such as differential fault analysis (DFA), collision fault analysis, statistical fault attack (SFA), fault sensitivity analysis, or differential fault intensity analysis (DFIA). The other aspect of faults---that faults can be induced and do not change a value---has been researched far less. In the case of symmetric ciphers, ineffective fault attacks (IFA) exploit this aspect. However, IFA relies on the ability of an attacker to reliably induce reproducible deterministic faults like stuck-at faults on parts of small values (e.g., one bit or byte), which is often considered to be impracticable. As a consequence, most countermeasures against fault attacks do not focus on such attacks, but on attacks exploiting changes of intermediate values, and usually try either to detect such a change (detection-based countermeasures) or to destroy the exploitable information if a fault happens (infective countermeasures). Such countermeasures implicitly assume that the release of "fault-free" ciphertexts in the presence of a fault-inducing attacker does not reveal any exploitable information. In this work, we show that this assumption is not valid and we present novel fault attacks that work in the presence of detection-based and infective countermeasures. The attacks exploit the fact that the intermediate values leading to "fault-free" ciphertexts show a non-uniform distribution, while they should be distributed uniformly. The presented attacks are entirely practical and are demonstrated to work for software implementations of AES and for a hardware co-processor. These practical attacks rely on fault induction by means of clock glitches and hence are achieved using only low-cost equipment. This is feasible because our attack is very robust under noisy fault induction attempts and does not require the attacker to model or profile the exact fault effect. We target two types of countermeasures as examples: simple time redundancy with comparison and several infective countermeasures. However, our attacks can be applied to a wider range of countermeasures and are not restricted to these two.
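The statistical effect the abstract describes can be reproduced on a toy model. The following simulation is an added example and is not the paper's code: it assumes a single 4-bit key addition followed by the PRESENT S-box in place of an AES round, a noisy stuck-at-0 fault on the least significant bit of the S-box input that lands with an assumed probability `p_fault`, and the "simple time redundancy with comparison" countermeasure (compute twice, release the output only if both runs agree). It then compares the distribution of the S-box input over all runs with its distribution over only the runs whose ciphertext was released, using the squared Euclidean imbalance (SEI) as the distance from uniform. The names `induce_fault`, `encrypt_with_detection`, `sei` and `experiment` are this example's own.

```python
import random
from collections import Counter

# Constructed toy model (added example, not the paper's code): one key addition followed by a
# 4-bit S-box stands in for the last step of a cipher round. The table is the PRESENT S-box.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def induce_fault(value, rng, p_fault):
    """Noisy stuck-at-0 fault on the least significant bit of the S-box input.

    The fault lands with the assumed probability p_fault; otherwise the value is untouched.
    When the bit is already 0 the fault lands but is ineffective: the value does not change.
    """
    return value & 0xE if rng.random() < p_fault else value


def encrypt_with_detection(x, key, rng, p_fault):
    """Simple time redundancy with comparison: compute twice, fault the second run,
    release the output only if both runs agree.

    Returns (released_output_or_None, intermediate). The intermediate (the S-box input)
    is returned only so the simulation can inspect its distribution directly.
    """
    u = x ^ key
    correct = SBOX[u]
    faulted = SBOX[induce_fault(u, rng, p_fault)]
    return (correct if correct == faulted else None), u


def sei(counts, n=16):
    """Squared Euclidean imbalance of a histogram against the uniform distribution on n values."""
    total = sum(counts.values())
    return sum((counts.get(v, 0) / total - 1 / n) ** 2 for v in range(n))


def experiment(samples, p_fault, key=0x7, seed=1):
    """Run `samples` detection-protected encryptions of random inputs and compare the
    distribution of the intermediate over all runs with its distribution over the runs
    whose output was released (the 'fault-free' ciphertexts)."""
    rng = random.Random(seed)
    all_inter, released_inter = Counter(), Counter()
    for _ in range(samples):
        x = rng.randrange(16)
        out, u = encrypt_with_detection(x, key, rng, p_fault)
        all_inter[u] += 1
        if out is not None:
            released_inter[u] += 1
    released = sum(released_inter.values())
    lsb0 = sum(c for u, c in released_inter.items() if u & 1 == 0)
    return {
        "release_rate": released / samples,
        "sei_all": sei(all_inter),
        "sei_released": sei(released_inter) if released else 0.0,
        "lsb0_fraction_released": lsb0 / released if released else 0.0,
    }


if __name__ == "__main__":
    for p in (0.0, 0.5, 1.0):
        r = experiment(20_000, p)
        print(f"p_fault={p:.1f}  release rate={r['release_rate']:.3f}  "
              f"SEI all={r['sei_all']:.5f}  SEI released={r['sei_released']:.5f}  "
              f"LSB=0 among released={r['lsb0_fraction_released']:.3f}")
```

With `p_fault=1.0` every released ciphertext comes from an intermediate whose faulted bit was already 0, so the released distribution has SEI 1/16 while the unfiltered one stays at the sampling-noise level of roughly 0.94/N. With `p_fault=0.5` the bias shrinks (SEI about 0.0069, two thirds of released intermediates with LSB 0) but remains far above the noise floor, which is the behaviour the abstract refers to as robustness under noisy fault induction; with `p_fault=0.0` nothing is filtered and nothing leaks. The simulation reads the intermediate directly instead of deriving it from the released ciphertext, since the point here is only that suppressing faulty outputs does not make the released ones uninformative.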

Category / Keywords: fault attack, infective countermeasure, fault detection, countermeasure, statistical ineffective fault attack, SIFA

Original Publication (in the same form): IACR-CHES-2018
DOI: 10.13154/tches.v2018.i3.547-572

Date: received 16 Jan 2018, last revised 4 Sep 2018

Contact author: christoph dobraunig at iaik tugraz at

Version: 20180904:115744

Short URL: ia.cr/2018/071
