Claire Whelan

The Sorcerer's Apprentice Guide to Fault Attacks

The effect of faults on electronic systems has been studied since the 1970s when it was noticed that radioactive particles caused errors in chips. This led to further research on the effect of charged particles on silicon, motivated by the aerospace industry, which was becoming concerned about the effect of faults in airborne electronic systems. Since then various mechanisms for fault creation and propagation have been discovered and researched. This paper covers the various methods that can be used to induce faults in semiconductors and exploit such errors maliciously. Several examples of attacks stemming from the exploiting of faults are explained. Finally a series of countermeasures to thwart these attacks are described.

Experimenting with faults, lattices and the DSA

We present an attack on DSA smart-cards which combines physical fault injection and lattice reduction techniques. This seems to be the first (publicly reported) physical experiment allowing to concretely pull-out DSA keys out of smart-cards. We employ a particular type of fault attack known as a glitch attack, which will be used to actively modify the DSA nonce k used for generating the signature: k will be tampered with so that a number of its least significant bytes will flip to zero. Then we apply well-known lattice attacks on El Gamal-type signatures which can recover the private key, given sufficiently many signatures such that a few bits of each corresponding k are known. In practice, when one byte of each k is zeroed, 27 signatures are sufficient to disclose the private key. The more bytes of k we can reset, the fewer signatures will be required. This paper presents the theory, methodology and results of the attack as well as possible countermeasures.

Distinguishing Multiplications from Squaring Operations

In this paper we present a new approach to attacking a modular exponentiation and scalar multiplication based by distinguishing multiplications from squaring operations using the instantaneous power consumption. Previous approaches have been able to distinguish these operations based on information of the specific implementation of the embedded algorithm or the relationship between specific plaintexts. The proposed attack exploits the expected Hamming weight of the result of the computed operations. We extrapolate our observations and assess the consequences for elliptic curve cryptosystems when unified formulae for point addition are used.

Side channel analysis of practical pairing implementations: which path is more secure?

We present an investigation into the security of three practical pairing algorithms; the Tate, truncated Eta (ηT) and Ate pairing, in terms of side channel vulnerability. These three algorithms have recently shown to be efficiently computable on the resource constrained smart card, however no in depth side channel analysis of these specific pairing implementations has yet appeared in the literature. We assess these algorithms based on two main avenues of attack since the secret parameter input to the pairing can potentially be entered in two possible positions, i.e. e(P,Q) or e(Q,P) where P is public and Q is private. We analyse the core operations fundamental to pairings and propose how they can be attacked in a computationally efficient way. Building on this we show how each implementation may potentially succumb to a side channel attack and demonstrate how one path is more susceptible than the other in Tate and Ate. For those who wish to deploy pairing based systems we make a simple suggestion to improve resistance to side channel attacks.

The importance of the final exponentiation in pairings when considering fault attacks

We investigate the possibilities for injecting faults on pairings and assess their consequences. We assess the effect of faults that seek to corrupt the data being operated on and show that pairings with either no or a straightforward final exponentiation are less secure than pairings with a more complex final exponentiation when considering such fault attacks. As evidence, we describe two types of fault attacks on the Weil and η pairing that recover the secret point, which cannot be applied to the Tate pairing. This can be accredited to its more complex final exponentiation.

All-or-Nothing Transforms as a countermeasure to differential side-channel analysis

Side-channel attacks on hardware implementations of cryptographic algorithms have recently been the focus of much attention in the research community. Differential power analysis (DPA) has been shown to be particularly effective at retrieving secret information stored within an implementation. The design of DPA-resistant systems that are efficient in terms of speed and area poses a significant challenge. All-or-Nothing Transforms are cryptographic transforms, which are currently employed in numerous applications. We examine All-or-Nothing Encryption systems from the DPA perspective. This paper shows that All-or-Nothing cryptosystems, whilst not preventing side-channel leakage, do fundamentally inhibit DPA attacks. Furthermore, we develop extensions to the All-or-Nothing protocol to strengthen the DPA resistance of the cryptosystem, providing a practical alternative to masking countermeasures for symmetric ciphers.