Paper 2020/1228

Low-Cost Body Biasing Injection (BBI) Attacks on WLCSP Devices

Colin O'Flynn

Abstract

Body Biasing Injection (BBI) uses a voltage applied with a physical probe onto the backside of the integrated circuit die. Compared to other techniques such as electromagnetic fault injection (EMFI) or Laser Fault Injection (LFI), this technique appears less popular in academic literature based on published results. It is hypothesized being due to (1) moderate cost of equipment, and (2) effort required in device preperation. This work demonstrates that BBI (and indeed many other backside attacks) can be trivially performed on Wafer-Level Chip-Scale Packaging (WLCSP), which inherently expose the die backside. A low-cost ($15) design for the BBI tool is introduced, and validated with faults introduced on a STM32F415OG against code flow, RSA, and some initial results on various hardware block attacks are discussed.

Note: Typo fixes from initial

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Major revision. Smart Card Research and Advanced Application Conference (CARDIS) 2020
Keywords
Fault InjectionGlitch AttacksBody Biasing Injection
Contact author(s)
colin @ oflynn com
History
2020-10-09: revised
2020-10-06: received
See all versions
Short URL
https://ia.cr/2020/1228
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2020/1228,
      author = {Colin O'Flynn},
      title = {Low-Cost Body Biasing Injection (BBI) Attacks on WLCSP Devices},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1228},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/1228}},
      url = {https://eprint.iacr.org/2020/1228}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.