Paper 2018/218

On Evaluating Fault Resilient Encoding Schemes in Software

Jakub Breier, Xiaolu Hou, and Yang Liu


Cryptographic implementations are often vulnerable against physical attacks, fault injection analysis being among the most popular techniques. On par with development of attacks, the area of countermeasures is advancing rapidly, utilizing both hardware- and software-based approaches. When it comes to software encoding countermeasures for fault protection and their evaluation, there are very few proposals so far, mostly focusing on single operations rather than cipher as a whole. In this paper we propose an evaluation framework that can be used for analyzing the effectivity of software encoding countermeasures against fault attacks. We first formalize the encoding schemes in software, helping us to define what properties are required when designing a fault protection. Based on these findings, we develop an evaluation metric that can be used universally to determine the robustness of a software encoding scheme against bit flip faults and instruction skips. We provide a way to select a code according to user criteria and also a dynamic code analysis method to estimate the level of protection of assembly implementations using encoding schemes. Finally, we verify our findings by implementing a block cipher PRESENT, protected by encoding scheme based on anticodes, and provide a detailed evaluation of this implementation using different codes.

Available format(s)
Publication info
Published elsewhere. Minor revision. IEEE TDSC
software encoding schemesfault attackscountermeasuresevaluation
Contact author(s)
jbreier @ jbreier com
2019-02-03: last of 2 revisions
2018-02-26: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jakub Breier and Xiaolu Hou and Yang Liu},
      title = {On Evaluating Fault Resilient Encoding Schemes in Software},
      howpublished = {Cryptology ePrint Archive, Paper 2018/218},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.