Beware of Insufficient Redundancy

An Experimental Evaluation of Code-based FI Countermeasures

Authors

  • Timo Bartkewitz TÜV Informationstechnik GmbH, Essen, Germany
  • Sven Bettendorf TÜV Informationstechnik GmbH, Essen, Germany
  • Thorben Moos UCLouvain, ICTEAM, Crypto Group, Louvain-la-Neuve, Belgium
  • Amir Moradi University of Cologne, Institute for Computer Science, Cologne, Germany
  • Falk Schellenberg Max Planck Institute for Security and Privacy, Bochum, Germany

DOI:

https://doi.org/10.46586/tches.v2022.i3.438-462

Keywords:

Concurrent Error Detection, Code-based Countermeasures, Impeccable Circuits, Laser Fault Injection, ASIC, Hardware Implementation

Abstract

Fault injection attacks pose a serious threat to cryptographic implementations. Countermeasures beyond sensors and shields usually deploy some form of redundancy to detect or even correct errors. A few years ago, a novel design methodology called Impeccable Circuits was introduced, describing how to correctly integrate Concurrent Error Detection (CED) schemes based on Error-Detection Codes (EDCs) into cryptographic hardware circuits. The underlying adversary model limits attackers to injecting at most t single-bit faults. By additionally considering the propagation of faults in combinational circuits, the countermeasure guarantees detection of any faulty computation caused by up to t single-bit faults.
In this work, we present an experimental analysis of the Impeccable Circuits countermeasure and its underlying assumptions in modern semiconductor technology. More precisely, we have taken hardware implementations of the lightweight block cipher SKINNY equipped with various forms of the EDC-based CED schemes and realized them as cryptographic co-processors on a 40nm ASIC to experimentally evaluate their resistance to Laser Fault Injection (LFI) attacks. In short, our results show that it is fairly simple to overcome the protection offered by the integrated countermeasures when the length of the code n is smaller than twice its rank k (i.e., no full redundancy). This is not caused by any flaw in the underlying design methodology or concept, but merely demonstrates how easily the defined adversary model can be overcome. In our case, a standard black-box scan over the target using a common single-shot LFI setup is sufficient to occasionally inject more single-bit faults than those bounded by the underlying adversary model when n < 2k. The probability of such events proved to be large enough to perform successful key-recovery attacks via Differential Fault Analysis (DFA) in a matter of hours. Thus, we caution against limiting the redundancy in code-based FI countermeasures to less than the number of bits per word, especially in nanometer technologies, and point out that less-complex countermeasures like duplication showed a higher level of resistance in our experiments at a lower cost.
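To make the n < 2k argument of the abstract concrete, here is an added example that is not from the paper: for any linear EDC the checker misses exactly the fault patterns that are themselves non-zero codewords, so detection is only guaranteed up to t = d_min - 1, and the script enumerates the undetected patterns for a Hamming [7,4] code (n < 2k) and for plain duplication (n = 2k). The "burst width" measure is my own assumption, a crude proxy for the spatial locality of a laser spot, not a model taken from the paper.

```python
import itertools

def syndrome(H, e):
    """Syndrome H*e over GF(2); an all-zero syndrome means fault e is NOT detected."""
    return tuple(sum(h * b for h, b in zip(row, e)) % 2 for row in H)

def undetected_faults(H, n):
    """All non-zero fault patterns (tuples of flipped bit positions) that the
    checker cannot see, i.e. faults mapping one valid codeword onto another."""
    hits = []
    for w in range(1, n + 1):
        for pos in itertools.combinations(range(n), w):
            e = tuple(int(i in pos) for i in range(n))
            if not any(syndrome(H, e)):
                hits.append(pos)
    return hits

def guaranteed_t(H, n):
    """Largest t such that every fault of at most t bits is detected (d_min - 1)."""
    return min(len(p) for p in undetected_faults(H, n)) - 1

def smallest_burst(H, n):
    """Narrowest span of adjacent bit positions containing an undetected fault.
    Assumption: a rough stand-in for how wide a single laser spot would have to be."""
    return min(p[-1] - p[0] + 1 for p in undetected_faults(H, n))

# Hamming [7,4]: k=4 data bits plus 3 check bits, n=7 < 2k=8.
# Column j of H is the binary representation of j+1.
H_HAMMING = [[1, 0, 1, 0, 1, 0, 1],
             [0, 1, 1, 0, 0, 1, 1],
             [0, 0, 0, 1, 1, 1, 1]]
# Duplication [8,4]: data bits d0..d3 followed by a copy c0..c3, n = 2k.
# Each check row verifies d_i == c_i.
H_DUP = [[1, 0, 0, 0, 1, 0, 0, 0],
         [0, 1, 0, 0, 0, 1, 0, 0],
         [0, 0, 1, 0, 0, 0, 1, 0],
         [0, 0, 0, 1, 0, 0, 0, 1]]

if __name__ == "__main__":
    for name, H, n in (("Hamming [7,4]", H_HAMMING, 7), ("Duplication [8,4]", H_DUP, 8)):
        print(f"{name}: guaranteed t={guaranteed_t(H, n)}, "
              f"undetected patterns={len(undetected_faults(H, n))}, "
              f"narrowest undetected burst={smallest_burst(H, n)} bits")
```

Both codes have 2^k - 1 = 15 undetected patterns, so neither is safe once the attacker exceeds t; the difference is that the Hamming code already fails on three adjacent bits, whereas duplication fails only if the same bit position is flipped in both copies, i.e. a burst wide enough to reach across the copy.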

Published

2022-06-08

Section

Articles

How to Cite

Beware of Insufficient Redundancy: An Experimental Evaluation of Code-based FI Countermeasures. (2022). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2022(3), 438-462. https://doi.org/10.46586/tches.v2022.i3.438-462