Paper 2018/357

Statistical Ineffective Fault Attacks on Masked AES with Fault Countermeasures

Christoph Dobraunig, Maria Eichlseder, Hannes Gross, Stefan Mangard, Florian Mendel, and Robert Primas

Abstract

Implementation attacks like side-channel and fault attacks are a threat to deployed devices especially if an attacker has physical access. As a consequence, devices like smart cards and IoT devices usually provide countermeasures against implementation attacks, such as masking against side-channel attacks and detection-based countermeasures like temporal or spacial redundancy against fault attacks. In this paper, we show how to attack implementations protected with both masking and detection-based fault countermeasures by using statistical ineffective fault attacks using a single fault induction per execution. Our attacks are largely unaffected by the deployed protection order of masking and the level of redundancy of the detection-based countermeasure. These observations show that the combination of masking plus error detection alone may not provide sufficient protection against implementation attacks.

Note: Camera ready version for asiacrypt

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2018
Keywords
Implementation attackFault attackSFASIFA
Contact author(s)
robert primas @ iaik tugraz at
History
2018-09-08: revised
2018-04-18: received
See all versions
Short URL
https://ia.cr/2018/357
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/357,
      author = {Christoph Dobraunig and Maria Eichlseder and Hannes Gross and Stefan Mangard and Florian Mendel and Robert Primas},
      title = {Statistical Ineffective Fault Attacks on Masked {AES} with Fault Countermeasures},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/357},
      year = {2018},
      url = {https://eprint.iacr.org/2018/357}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.