Evidence of an information leakage between logically independent blocks

Authors: Loic Zussa, Jean-Max Dutertre, Assia Tria, Jessy Clédière, Ingrid Exurville, Jean-Baptiste Rigaud, Bruno Robisson
Contributors: Département Systèmes et Architectures Sécurisés (SAS-ENSMSE), École des Mines de Saint-Étienne (Mines Saint-Étienne MSE), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-CMP-GC, Laboratoire Systèmes et Architectures Sécurisés (LSAS), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-CMP-GC-École des Mines de Saint-Étienne (Mines Saint-Étienne MSE), Institut Mines-Télécom [Paris] (IMT)-Institut Mines-Télécom [Paris] (IMT)-CMP-GC-CEA Tech en régions (CEA-TECH-Reg), Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA), Commissariat à l'énergie atomique et aux énergies alternatives - Laboratoire d'Electronique et de Technologie de l'Information (CEA-LETI)
Language: English
Publication year: 2015
Subject:
Source: Proceedings of the Second Workshop on Cryptography and Security in Computing Systems
Second Workshop on Cryptography and Security in Computing Systems (CS2'2015)
Second Workshop on Cryptography and Security in Computing Systems (CS2'2015), Jan 2015, Amsterdam, Netherlands. pp.25, ⟨10.1145/2694805.2694810⟩
CS2@HiPEAC
DOI: 10.1145/2694805.2694810
Description: In this paper we study the information leakage that may exist, due to electrical coupling, between logically independent blocks of a secure circuit as a new attack path to retrieve secret information. First, an AES-128 has been implemented on an FPGA board. Then, this AES implementation has been secured with a delay-based countermeasure against fault injection related to timing constraint violations. The countermeasure's detection threshold was supposed to be logically independent from the data handled by the cryptographic algorithm. Thus, it theoretically does not leak any information related to sensitive values. However, experiments point out an existing correlation between the fault detection threshold of the countermeasure and the AES's calculations. As a result, we were able to retrieve the secret key of the AES using this correlation. Finally, different strategies were tested in order to minimize the number of triggered alarms needed to retrieve the secret key.
Database: OpenAIRE