Title :
Differential Fault Intensity Analysis
Author :
Ghalaty, Nahid Farhady ; Yuce, Bilgiday ; Taha, Mostafa ; Schaumont, Patrick
Author_Institution :
Bradley Dept. of Electr. & Comput. Eng., Virginia Tech, Blacksburg, VA, USA
Abstract :
Recent research has demonstrated that there is no sharp distinction between passive attacks based on side-channel leakage and active attacks based on fault injection. Fault behavior can be processed as side-channel information, offering all the benefits of Differential Power Analysis including noise averaging and hypothesis testing by correlation. This paper introduces Differential Fault Intensity Analysis, which combines the principles of Differential Power Analysis and fault injection. We observe that most faults are biased - such as single-bit, two-bit, or three-bit errors in a byte - and that this property can reveal the secret key through a hypothesis test. Unlike Differential Fault Analysis, we do not require precise analysis of the fault propagation. Unlike Fault Sensitivity Analysis, we do not require a fault sensitivity profile for the device under attack. We demonstrate our method on an FPGA implementation of AES with a fault injection model. We find that with an average of 7 fault injections, we can reconstruct a full 128-bit AES key.
Keywords :
cryptography; AES key; FPGA implementation; active attacks; differential fault intensity analysis; differential power analysis; fault behavior; fault injection; fault injection model; fault propagation; fault sensitivity analysis; passive attacks; side channel information; side channel leakage; Circuit faults; Clocks; Cryptography; Field programmable gate arrays; Hamming distance; Mathematical model; Registers; AES; Fault Analysis; Fault Injection; Fault Intensity;
Conference_Titel :
Fault Diagnosis and Tolerance in Cryptography (FDTC), 2014 Workshop on
Conference_Location :
Busan
DOI :
10.1109/FDTC.2014.15
