Cryptology ePrint Archive: Report 2019/1312

Cryptographic Fault Diagnosis using VerFI

Victor Arribas and Felix Wegener and Amir Moradi and Svetla Nikova

Abstract: Historically, fault diagnosis for integrated circuits has singularly dealt with reliability concerns. In contrast, a cryptographic circuit needs to be primarily evaluated concerning information leakage in the presence of maliciously crafted faults. While Differential Fault Attacks (DFAs) on symmetric ciphers have been known for over 20 years, recent developments have tried to structurally classify the attackers’ capabilities as well as the properties of countermeasures. Correct realization of countermeasures should still be manually verified, which is error-prone and infeasible for even moderate-size real-world designs. Here, we introduce the concept of Cryptographic Fault Diagnosis, which revises and shapes the notions of fault diagnosis in reliability testing to the needs of evaluating cryptographic implementations. Additionally, we present VerFI, which materializes the idea of Cryptographic Fault Diagnosis. It is a fully automated, open-source fault detection tool processing the gate-level representation of arbitrary cryptographic implementations. By adjusting the bounds of the underlying adversary model, VerFI allows us to rapidly examine the desired fault detection/correction capabilities of the given implementation. Among several case studies, we demonstrate its application on an implementation of LED cipher with combined countermeasures against side-channel analysis and fault-injection attacks (published at CRYPTO 2016). This experiment revealed general implementation flaws and undetectable faults leading to successful DFA on the protected design with full-key recovery.

Category / Keywords: Fault Diagnosis, Fault Simulation, Verification, Tool, Differential Fault Attack, DFA, ParTI

Original Publication (in the same form): HOST 2020

Date: received 13 Nov 2019, last revised 18 Nov 2019

Contact author: victor arribas at esat kuleuven be

Version: 20191118:113227

Short URL: ia.cr/2019/1312
