Switching Off your Device Does Not Protect Against Fault Attacks

Authors

  • Paul Grandamme Université Jean Monnet Saint-Etienne, CNRS, Institut d Optique Graduate School, Laboratoire Hubert Curien UMR 5516, F-42023, SAINT-ETIENNE, France; Mines Saint-Etienne CEA, Leti, Centre CMP, F-13541, GARDANNE, France
  • Pierre-Antoine Tissot Université Jean Monnet Saint-Etienne, CNRS, Institut d Optique Graduate School, Laboratoire Hubert Curien UMR 5516, F-42023, SAINT-ETIENNE, France
  • Lilian Bossuet Université Jean Monnet Saint-Etienne, CNRS, Institut d Optique Graduate School, Laboratoire Hubert Curien UMR 5516, F-42023, SAINT-ETIENNE, France
  • Jean-Max Dutertre Mines Saint-Etienne CEA, Leti, Centre CMP, F-13541, GARDANNE, France,
  • Brice Colombier Université Jean Monnet Saint-Etienne, CNRS, Institut d Optique Graduate School, Laboratoire Hubert Curien UMR 5516, F-42023, SAINT-ETIENNE, France
  • Vincent Grosso Université Jean Monnet Saint-Etienne, CNRS, Institut d Optique Graduate School, Laboratoire Hubert Curien UMR 5516, F-42023, SAINT-ETIENNE, France

DOI:

https://doi.org/10.46586/tches.v2024.i4.425-450

Keywords:

Fault attack, Laser injection, Unpowered devices, Persistent fault analysis, Flash memory

Abstract

Physical attacks, and among them fault injection attacks, are a significant threat to the security of embedded systems. Among the means of fault injection, laser has the significant advantage of being extremely spatially accurate. Numerous state-of-the-art studies have investigated the use of lasers to inject faults into a target at run-time. However, the high precision of laser fault injection comes with requirements on the knowledge of the implementation and exact execution time of the victim code. The main contribution of this work is the demonstration on experimental basis that it is also possible to perform laser fault injection on an unpowered device. Specifically, we targeted the Flash non-volatile memory of a 32-bit microcontroller. The advantage of this new attack path is that it does not require any synchronisation between the victim and the attacker. We provide an experimental characterization of this phenomenon with a description of the fault model from the physical level up to the software level. Finally, we applied these results to carry out a persistent fault analysis on a 128-bit AES with a particularly realistic attacker model which reinforces the interest of the PFA.

Downloads

Published

2024-09-05

Issue

Section

Articles

How to Cite

Switching Off your Device Does Not Protect Against Fault Attacks. (2024). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2024(4), 425-450. https://doi.org/10.46586/tches.v2024.i4.425-450