Paper 2023/1722

Quantitative Fault Injection Analysis

Jakob Feldtkeller, Ruhr University Bochum
Tim Güneysu, Ruhr University Bochum
Patrick Schaumont, Worcester Polytechnic Institute
Abstract

Active fault injection is a credible threat to real-world digital systems computing on sensitive data. Arguing about security in the presence of faults is non-trivial, and state-of-the-art criteria are overly conservative and lack the ability of fine-grained comparison. However, comparing two alternative implementations for their security is required to find a satisfying compromise between security and performance. In addition, the comparison of alternative fault scenarios can help optimize the implementation of effective countermeasures. In this work, we use quantitative information flow analysis to establish a vulnerability metric for hardware circuits under fault injection that measures the severity of an attack in terms of information leakage. Potential use cases range from comparing implementations with respect to their vulnerability to specific fault scenarios to optimizing countermeasures. We automate the computation of our metric by integrating it into a state-of-the-art evaluation tool for physical attacks and provide new insights into the security under an active fault attacker.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in ASIACRYPT 2023
Keywords
Fault Injection AnalysisFault MetricQuantitative Information Flow.
Contact author(s)
jakob feldtkeller @ rub de
tim gueneysu @ rub de
pschaumont @ wpi edu
History
2023-11-13: approved
2023-11-07: received
See all versions
Short URL
https://ia.cr/2023/1722
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1722,
      author = {Jakob Feldtkeller and Tim Güneysu and Patrick Schaumont},
      title = {Quantitative Fault Injection Analysis},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1722},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1722}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.