
2019 | Original Paper | Book chapter

13. Optimizing Electromagnetic Fault Injection with Genetic Algorithms

Written by: Antun Maldini, Niels Samwel, Stjepan Picek, Lejla Batina

Published in: Automated Methods in Cryptographic Fault Analysis

Publisher: Springer International Publishing


Abstract

Fault injection is a serious threat for implementations of cryptography, especially on small embedded devices. In particular, electromagnetic fault injection (EMFI) is a powerful active attack, requiring minimal modifications on the device under attack while having excellent penetration capabilities. The challenge is in finding the right combination of the attack parameters and their values. Namely, the number of possible combinations (for all the values of relevant parameters) is typically huge, rendering exhaustive search impossible.
In this chapter, we introduce this problem and survey some previous attempts at solving it. We also present a novel evolutionary algorithm for optimizing the parameter search for EM fault injection that outperforms all known search methods for EMFI. The results are widely applicable, as the cryptographic device under attack is considered a black box, with only a few very general assumptions on its inner workings.
We test our novel evolutionary algorithm by attacking the SHA-3 algorithm. Our results leverage 40 times more faulty measurements and 20 times more distinct fault measurements than one could obtain with a random search. When this methodology is coupled with the algebraic fault attack, we get 25% more exploitable faults per individual measurement.


Footnotes

2. WolfSSL, an embedded SSL/TLS library. Available at: https://www.wolfssl.com/.

3. The parent points define an axis-aligned parallelepiped in parameter-space; the parents are placed on the diagonally opposite vertices. In a Hamming cube, these would be the all-zeros and all-ones vertices. The first crossover variant corresponds to picking one of its vertices, whereas the second crossover variant corresponds to picking a point within it.

Metadata
Title
Optimizing Electromagnetic Fault Injection with Genetic Algorithms
Written by
Antun Maldini
Niels Samwel
Stjepan Picek
Lejla Batina
Copyright year
2019
DOI
https://doi.org/10.1007/978-3-030-11333-9_13
