Abstract
Normally, fault attack models are determined by analyzing the cipher algorithm and finding exploitable spots in its non-linear and permutation layers. However, due to optimizations and the different ways of realizing algorithmic operations, cipher-level analysis does not capture enough detail to locate the vulnerable parts of software implementations. On the other hand, manually analyzing the assembly code requires a non-negligible amount of time and expertise.
In this chapter, we propose an automated approach for analyzing cipher implementations in assembly. By representing the whole assembly program as a data flow graph, we can efficiently identify the vulnerable spots. Fault propagation is analyzed in a subgraph, constructed from each vulnerable spot, allowing equations for differential fault analysis (DFA) to be automatically generated.
We have created a tool that implements our approach: DATAC—DFA Automation Tool for Assembly Code. We have successfully used DATAC for attacking PRESENT-80, being able to find implementation-specific vulnerabilities that can be exploited in order to recover the last round key with 16 faults. Our results show that DATAC is useful in finding attack spots that are not visible from the cipher structure, but can be easily exploited when dealing with real-world implementations.
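To make the data-flow-graph idea concrete, the following is an added example (not DATAC's code or the chapter's): a constructed, simplified AVR-like snippet of a last-round S-box lookup followed by key addition is parsed into a data flow graph, and the fault propagation subgraph from a chosen instruction is computed as a forward slice. The operand tables, the modelling of `lpm` as reading only `r30`, and the `crosses_sbox` flag are assumptions made for this illustration.

```python
from collections import defaultdict

# Constructed, simplified AVR-like snippet (not the chapter's code): last-round
# S-box lookup followed by key addition, in the style of a PRESENT implementation.
ASM = """
ld   r16, Y+     ; load state byte
mov  r30, r16    ; Z low byte = S-box table index
lpm  r17, Z      ; r17 = SBOX[r30], the non-linear step
ld   r18, X+     ; load round-key byte
eor  r17, r18    ; key addition
st   X+, r17     ; store ciphertext byte
"""
# Operand positions each mnemonic reads/writes; lpm implicitly reads Z (modelled
# as r30). Loads have no register input, stores produce observable output.
READS, WRITES = {"mov": [1], "eor": [0, 1], "st": [1], "lpm": [], "ld": []}, \
                {"mov": [0], "eor": [0], "lpm": [0], "ld": [0], "st": []}
IMPLICIT_READS, NONLINEAR = {"lpm": ["r30"]}, {"lpm"}

def parse(asm):
    prog = []
    for line in asm.strip().splitlines():
        code = line.split(";")[0].strip()
        if code:
            mnem, ops = code.split(None, 1)
            prog.append((mnem, [o.strip().rstrip("+") for o in ops.split(",")]))
    return prog

def build_dfg(prog):
    # Edge i -> j: instruction j reads a register last written by instruction i.
    edges, last_def = defaultdict(set), {}
    for j, (mnem, ops) in enumerate(prog):
        for r in [ops[k] for k in READS[mnem]] + IMPLICIT_READS.get(mnem, []):
            if r in last_def:
                edges[last_def[r]].add(j)
        for k in WRITES[mnem]:
            last_def[ops[k]] = j
    return edges

def fault_subgraph(prog, edges, spot):
    # Forward slice from the faulted instruction: everything its fault reaches.
    seen, stack = set(), [spot]
    while stack:
        i = stack.pop()
        if i not in seen:
            seen.add(i)
            stack.extend(edges[i])
    outputs = sorted(i for i in seen if prog[i][0] == "st")
    crosses_sbox = any(prog[i][0] in NONLINEAR for i in seen - {spot})
    return sorted(seen), outputs, crosses_sbox
```

A fault at the state load (instruction 0) reaches the stored ciphertext through the S-box, whereas a fault at the key-byte load (instruction 3) reaches the output only through the linear key addition; the subgraph makes that distinction visible without reading the whole program.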
This research was conducted when the author “Jakub Breier” was with Temasek Laboratories, NTU.
This research was conducted when the author “Xiaolu Hou” was with Nanyang Technological University.
Notes
2. We note that this is only a naming convention to make the analysis consistent. In special cases, where the actual order of the key words differs from their loading sequence, the user has to rearrange the key words after the analysis.
Appendix: Class Diagram of DATAC
See Fig. 4.8.
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Breier, J., Hou, X., Liu, Y. (2019). Differential Fault Analysis Automation on Assembly Code. In: Breier, J., Hou, X., Bhasin, S. (eds) Automated Methods in Cryptographic Fault Analysis. Springer, Cham. https://doi.org/10.1007/978-3-030-11333-9_4
DOI: https://doi.org/10.1007/978-3-030-11333-9_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-11332-2
Online ISBN: 978-3-030-11333-9
eBook Packages: Engineering (R0)