Computer Science, 2021, Vol. 48, Issue (11A): 523-527. doi: 10.11896/jsjkx.210200138

• Information Security •

Study on Threat of Persistent Fault Attack

WANG Jian1,2, CHEN Hua1, KUANG Xiao-yun3, YANG Yi-wei3, HUANG Kai-tian3   

  1 TCA Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China
  2 University of Chinese Academy of Sciences, Beijing 100049, China
  3 Electric Power Research Institute, China Southern Power Grid, Guangzhou 510663, China
  • Online:2021-11-10 Published:2021-11-12
  • About author: WANG Jian, born in 1998, postgraduate. His main research interests include side-channel analysis and countermeasures.
    CHEN Hua, born in 1976, Ph.D, senior engineer, Ph.D supervisor. Her main research interests include side-channel analysis and countermeasures.
  • Supported by:
    National Key R&D Program of China(2018YFB0904900,2018YFB0904901).

Abstract: Persistent Fault Attack (PFA) is a powerful attack that combines a persistent fault with statistical analysis, and it can be used to extract the secret key of block cipher implementations based on lookup tables. The greatest advantage of PFA is that it can recover the secret key with only one fault injection; moreover, it remains applicable against fault attack countermeasures such as detection and masking. However, these countermeasures can still make the attack more difficult: key recovery against implementations protected by detection- and infection-based countermeasures requires several times as many ciphertexts, which hinders a practical attack. A built-in health test for the S-box is a good countermeasure against PFA, because the cipher device stops working once a fault has been injected. PFA relies on the bijective property of the S-box in a block cipher, so testing the bijectivity of the S-box is an effective way to obtain a health test result for it. Just 255 XOR operations give a reliable health test result for the S-box, which costs much less than a conventional test method such as SHA3. Furthermore, non-algorithmic countermeasures such as laser sensors deserve attention.
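The S-box health test described in the abstract, sketched as an added example that is not code from the paper: it assumes the 255 XOR operations are an XOR-fold over all 256 table entries, which is 0 for any bijective 8-bit S-box. The AES S-box and all function names are choices made here for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define ROTL8(x, n) ((uint8_t)(((x) << (n)) | ((x) >> (8 - (n)))))

/* Build the AES S-box at run time (stands in for the lookup table held in memory). */
static void build_aes_sbox(uint8_t s[256]) {
    uint8_t p = 1, q = 1;
    do {
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1B : 0)); /* p *= 3 in GF(2^8) */
        q ^= (uint8_t)(q << 1);                                 /* q /= 3 in GF(2^8) */
        q ^= (uint8_t)(q << 2);
        q ^= (uint8_t)(q << 4);
        q ^= (q & 0x80) ? 0x09 : 0;
        s[p] = (uint8_t)(q ^ ROTL8(q, 1) ^ ROTL8(q, 2) ^ ROTL8(q, 3) ^ ROTL8(q, 4) ^ 0x63);
    } while (p != 1);
    s[0] = 0x63; /* 0 has no inverse; its image is the affine constant */
}

/* XOR-fold of all 256 entries: 255 XORs. A bijective table gives 0 ^ 1 ^ ... ^ 255 = 0. */
static uint8_t sbox_xor_fold(const uint8_t s[256]) {
    uint8_t acc = s[0];
    for (int i = 1; i < 256; i++) acc ^= s[i];
    return acc;
}

/* Exhaustive bijection check for comparison: every byte value must occur exactly once. */
static int sbox_is_bijective(const uint8_t s[256]) {
    uint8_t seen[256] = {0};
    for (int i = 0; i < 256; i++) if (seen[s[i]]++) return 0;
    return 1;
}

/* Health test run before encrypting: the device refuses to operate on a non-zero fold. */
static int sbox_health_ok(const uint8_t s[256]) { return sbox_xor_fold(s) == 0; }

int main(void) {
    uint8_t s[256];
    build_aes_sbox(s);
    printf("clean:        ok=%d bijective=%d\n", sbox_health_ok(s), sbox_is_bijective(s));
    s[0x3A] ^= 0x04; /* constructed persistent fault: one bit of one entry changed */
    printf("one fault:    ok=%d fold=0x%02x\n", sbox_health_ok(s), sbox_xor_fold(s));
    s[0x3B] ^= 0x04; /* constructed second fault with the same bit mask */
    printf("two faults:   ok=%d bijective=%d\n", sbox_health_ok(s), sbox_is_bijective(s));
    return 0;
}
```

Any change to a single entry makes the fold non-zero, so the single-fault case is always caught. Two corrupted entries whose error masks cancel pass the fold while the table is no longer bijective, which is the gap the exhaustive check closes at higher cost.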

Key words: Bijection, Block cipher, Countermeasures, Health test, Persistent fault attack

CLC Number: TP309.7