A Comparative Cost/Security Analysis of Fault Attack Countermeasures

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4236))

Abstract

Deliberate injection of faults into cryptographic devices is an effective cryptanalysis technique against both symmetric and asymmetric encryption algorithms. To protect cryptographic implementations (e.g. of the recent AES, which will be our running example) against these attacks, a number of innovative countermeasures have been proposed, usually based on the use of space and time redundancy (e.g. error detection/correction techniques, repeated computations). In this paper, we take the next natural step in engineering studies where alternative methods exist, namely a comparative perspective. For this purpose, we use unified security and efficiency metrics to evaluate various recent protections against fault attacks. The comparative study reveals security weaknesses in some of the countermeasures (e.g. intentional malicious fault injections that are unrealistically modelled). The study also demonstrates that, if fair performance evaluations are performed, many countermeasures are not better than the naive solutions, namely duplication or repetition. We finally suggest certain design improvements for some countermeasures, and further discuss security/efficiency tradeoffs.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Malkin, T.G., Standaert, FX., Yung, M. (2006). A Comparative Cost/Security Analysis of Fault Attack Countermeasures. In: Breveglieri, L., Koren, I., Naccache, D., Seifert, JP. (eds) Fault Diagnosis and Tolerance in Cryptography. FDTC 2006. Lecture Notes in Computer Science, vol 4236. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11889700_15

  • DOI: https://doi.org/10.1007/11889700_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-46250-7

  • Online ISBN: 978-3-540-46251-4
