Jakub Breier

The other side of the coin: Analyzing software encoding schemes against fault injection attacks

The versatility and cost of embedded systems have made it ubiquitous. Such wide-application exposes an embedded system to a variety of physical threats like side-channel attacks (SCA) and fault attacks (FA). Recently, a couple of software encoding schemes were proposed as a protection against SCA. These protection schemes are based on dual-rail precharge logic (DPL), previously shown resistant to both SCA and FA. In this paper, we analyze the previously proposed software encoding schemes against FA. Our results show that software encoding offers only limited resistance to FA. Finally, improvement to software-encoding schemes is improved. With this improvement, software encoding can serve as a common SCA and FA counter-measure with an exploitable fault probability as low as 0.0048.

Laser Profiling for the Back-Side Fault Attacks: With a Practical Laser Skip Instruction Attack on AES

Laser fault injection is one of the strongest fault injection techniques. It offers a precise area positioning and a precise timing, allowing a high repeatability of experiments. In our paper we examine possibilities of laser-induced faults that could lead to instruction skips. After the profiling phase we were able to perform an attack on the last AddRoundKey operation in AES and to retrieve the secret key with just one faulty and correct ciphertext pair. Our experiments show very high degree of repeatability and 100% success rate with correct laser settings.

Bypassing Parity Protected Cryptography using Laser Fault Injection in Cyber-Physical System

Lightweight cryptography has been widely utilized in resource constrained embedded devices of Cyber-Physical System (CPS) terminals. The hostile and unattended environment in many scenarios make those endpoints easy to be attacked by hardware based techniques. As a resource-efficient countermeasure against Fault Attacks, parity Concurrent Error Detection (CED) is preferably integrated with security-critical algorithm in CPS terminals. The parity bit changes if an odd number of faults occur during the cipher execution. In this paper, we analyze the effectiveness of fault detection of a parity CED protected cipher (PRESENT) using laser fault injection. The experimental results show that the laser perturbation to encryption can easily flip an even number of data bits, where the faults cannot be detected by parity. Due to the similarity of different parity structures, our attack can bypass almost all parity protections in block ciphers. Some suggestions are given to enhance the security of parity implementations.

Testing Feasibility of Back-Side Laser Fault Injection on a Microcontroller

Laser fault attack platform constitutes a powerful tool for a precise injection of faults into the device, allowing an attacker to carefully adjust timing and position on the chip. On the other hand, the cost of such equipment is high and the profiling time is non-negligible. In this paper, we would like to investigate the practicability of the back-side laser fault injection and to state benefits and drawbacks of this technique. We performed experiments on two methods of fault injections induced by a laser beam -- instruction disturbance experiments and register value changes. The first method, as our experiments show, is easy to perform, precise and repeatable. The second one is harder to perform and we could not achieve repeatability in such experiments.

Cheap and Cheerful: A Low-Cost Digital Sensor for Detecting Laser Fault Injection Attacks

Fault Injection Attacks (FIAs) have become a critical threat towards prevailing security embedded systems. FIA typically exploits the maliciously induced faults in security ICs for retrieving confidential internals. Since the faults are injected by disturbing circuit behaviors, FIA can possibly be detected in advance by integrating a sensitive sensor. In this paper, a full-digital detection logic against laser fault injection is proposed, which mainly consists of a high-frequency RO watchdog and a disturbance capture for sensing frequency ripples due to laser impact. Practical experiments on Virtex-5 FPGA show that the proposed sensor has fault detection rate of \(100\,\%\) for both regional and single CLB injection, protecting critical registers of PRESENT-80 cipher, with superior power/spatial security margin compared to a prior PLL-based sensor, while maintaining extremely low cost in hardware. The proposed logic is further applied to protect complete cipher over larger fabric, and the fine-grained fault injection using pulse laser shows a detection rate of \(94.20\,\%\), and an alarm rate of 2.63 : 1 in this experiment. Owing to its simple digital architecture, this system can be easily applied into any security-critical ICs.

Anomaly Detection from Log Files Using Data Mining Techniques

Log files are created by devices or systems in order to provide information about processes or actions that were performed. Detailed inspection of security logs can reveal potential security breaches and it can show us system weaknesses. In our work we propose a novel anomaly-based detection approach based on data mining techniques for log analysis. Our approach uses Apache Hadoop technique to enable processing of large data sets in a parallel way. Dynamic rule creation enables us to detect new types of breaches without further human intervention. Overall error rates of our method are below 10%.

Assets Dependencies Model in Information Security Risk Management

Information security risk management is a fundamental process conducted for the purpose of securing information assets in an organization. It usually involves asset identification and valuation, threat analysis, risk analysis and implementation of countermeasures. A correct asset valuation is a basis for accurate risk analysis, but there is a lack of works describing the valuation process with respect to dependencies among assets. In this work we propose a method for inspecting asset dependencies, based on common security attributes - confidentiality, integrity and availability. Our method should bring more detailed outputs from the risk analysis and therefore make this process more objective.

Overview of machine learning based side-channel analysis methods

Recent publications have shown that there is a possibility to apply machine learning methods for side-channel analysis, mostly for profiling based attacks. In this paper, we present a brief overview of those methods, and highlight what are the improvements that might be offered. It is shown that, in most cases, the performance of these methods could outperform the classical attacks. Here, we also discuss what could be the other potential applications of the learning algorithms, for example, as feature selection or for construction of leakage model.

On Selecting Critical Security Controls

Selection of proper security controls is an important part of building a secure information infrastructure in an organization. There exist many databases of security controls, but the final selection is left on security managers that have to make decisions based on their skills and experience. In this paper, we propose a novel approach, based on grey relational analysis combined with the TOPSIS decision making method, providing a quantitative technique for the security controls selection and prioritization. Our method can help security managers more effectively perform their decisions in this field.

On Analyzing Program Behavior under Fault Injection Attacks

Fault attacks pose a serious threat to cryptographic algorithm implementations. It is a non-trivial task to design a code that minimizes the risk of exploiting the incorrect output that was produced by inducing faults in the algorithm execution process. In this paper we propose a design of an instruction set simulator capable of analyzing the code behavior under fault attack conditions. Our simulator is easy to use and provides a valuable insights for the designers that could help to harden the code they implement.