Combining High-Level and Low-Level Approaches to Evaluate Software Implementations Robustness Against Multiple Fault Injection Attacks

نویسندگان

  • Lionel Rivière
  • Marie-Laure Potet
  • Thanh-Ha Le
  • Julien Bringer
  • Hervé Chabanne
  • Maxime Puys
چکیده

Physical fault injections break security functionalities of algorithms by targeting their implementations. Software techniques strengthen such implementations to enhance their robustness against fault attacks. Exhaustively testing physical fault injections is time consuming and requires complex platforms. Simulation solutions are developed for this specific purpose. We chose two independent tools presented in 2014, the Laser Attack Robustness (Lazart) and the Embedded Fault Simulator (EFS) in order to evaluate software implementations against multiple fault injection attacks. Lazart and the EFS share the common goal that consists in detecting vulnerabilities in the code. However, they operate with different techniques, fault models and abstraction levels. This paper aims at exhibiting specific advantages of both approaches and proposes a combining scheme that emphasizes their complementary nature.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

High-Level Simulation for Multiple Fault Injection Evaluation

Faults injection attacks have become a hot topic in the domain of smartcards. This work exposes a source code-base simulation approach designed to evaluate the robustness of high-level secured implementations against single and multiple fault injections. In addition to an unprotected CRT-RSA implementation, we successfully attacked two countermeasures with the high-level simulation under the da...

متن کامل

Lazart: a symbolic approach for evaluating the robustness of secured codes against control flow fault injections

In the domain of smart cards, secured devices must be protected against high level attack potential [1]. According to norms such as the Common Criteria [2], the vulnerability analysis must cover the current state-of-the-art in term of attacks. Nowadays, a very classical type of attack is fault injection, conducted by means of laser based techniques. We propose a global approach, called Lazart, ...

متن کامل

Fault Attacks Resistant Architecture for KECCAK Hash Function

The KECCAK cryptographic algorithms widely used in embedded circuits to ensure a high level of security to any systems which require hashing as the integrity checking and random number generation. One of the most efficient cryptanalysis techniques against KECCAK implementation is the fault injection attacks. Until now, only a few fault detection schemes for KECCAK have been presented. In this p...

متن کامل

Effectiveness of Automated Function Testing with Petri Nets: A Series of Controlled Experiments

Existing work has developed techniques for automated generation of function tests from high-level Petri nets. Yet there is no empirical evidence that demonstrates the costeffectiveness of this approach. This paper presents a series of controlled experiments to evaluate the fault detection capabilities of various strategies for test generation from high-level Petri nets. We built test models and...

متن کامل

White-Box Cryptography: Don't Forget About Grey Box Attacks

Despite the fact that all current scientific white-box approaches of standardized cryptographic primitives have been publicly broken, these attacks require knowledge of the internal data representation used by the implementation. In practice, the level of implementation knowledge required is only attainable through significant reverse engineering efforts. In this paper we describe new approache...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2014