Abstract
Fault analysis poses a serious threat to embedded security devices, especially smart cards. In particular, modeling faults and finding effective practical approaches that are also generic is considered to be of interest for smart card industry. In this work we propose a novel methodology to deal with a difficult question of choosing multiple parameters required for effective faults. To this aim, we investigate several algorithms and find a new promising direction using evolutionary computation. Our experimental results on some of the smart cards used today show the potential of this new approach. Our best algorithm is a tailored search strategy especially developed for the purpose of finding the best choice of parameters for glitching. With this approach we found some of off-the-shelf devices, although secured against this type of attacks, still vulnerable.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In the time dimension, the response of the TOE could be different each time instant. However, due to the presence of internal unstable clocks in TOEs Target B and Target C, the glitch offset has been omitted in the search. The clock jitter causes a FI time instant spread bigger than the accuracy we can obtain with the testing equipment by setting a precise glitch offset in time (2 ns). Additionally, the model assumes a stable operation of the TOE, and not a drastically changing power profile over time (e.g. TOE booting) for the validity of glitch shape-related parameters in the 2nd stage of the search.
- 2.
Note that small glitches that are to be ignored have a length close to LLOW and voltage close to VLOW, but the glitch voltage is typically a negative value, hence the counter-intuitive naming convention for voltage boundaries.
- 3.
For each device all samples were from the same batch, hardware revision and manufacturer.
References
Anderson, R., Kuhn, M., A, E.U.S.: Tamper resistance – a cautionary note. In: Proceedings of the Second Usenix Workshop on Electronic Commerce, pp. 1–11 (1996)
Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, WOST’99, Berkeley, CA, USA, p. 2. USENIX Association (1999)
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Quisquater, J.-J., Samyde, D.: ElectroMagnetic Analysis (EMA): measures and counter-measures for smart cards. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001)
Boneh, D., DeMillo, R., Lipton, R.: New threat model breaks crypto codes. Bellcore 85 Press Release (1996)
Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)
Aumüller, C., Bier, P., Fischer, W., Hofreiter, P., Seifert, J.-P.: Fault attacks on RSA with CRT: concrete results and practical countermeasures. In: Kaliski Jr, B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 260–275. Springer, Heidelberg (2003)
Skorobogatov, S.P., Anderson, R.J.: Optical fault induction attacks. In: Kaliski Jr, B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 2–12. Springer, Heidelberg (2003)
van Woudenberg, J., Witteman, M., Menarini, F.: Practical optical fault injection on secure microcontrollers. In: 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 91–99 (2011)
Balasch, J., Gierlichs, B., Verbauwhede, I.: An In-depth and Black-box characterization of the effects of clock glitches on 8-bit MCUs. In: Proceedings of the 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC ’11, Washington, DC, USA, pp. 105–114. IEEE Computer Society (2011)
Weise, T.: Global Optimization Algorithms Theory and Application (2009). http://www.it-weise.de/
Jakobovic, D., et al.: Evolutionary computation framework, January 2013. http://gp.zemris.fer.hr/ecf/
Acknowledgements
This work was supported in part by the Technology Foundation STW (project 12624 - SIDES), The Netherlands Organization for Scientific Research NWO (project ProFIL 628.001.007) and the ICT COST action IC1204 TRUDEVICE.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix: TOE Details
Appendix: TOE Details
A more detailed description of the TOEs described in this paper follows:
Target A: It is a smartcard based on an ATMega163+24C256 IC, CMOS technology, hardware last revision 2003. This TOE does not have any side-channel countermeasure nor fault-injection countermeasure. All processing of the card is performed in software, and the card was running on an external 4 MHz clock frequency. In particular, this target is also available from Riscure BV as the research target “Training Card 6”. The code that was attacked was a vulnerable PIN (Personal Identification Number) authentication mechanism is as follows:
Target B: It is a smartcard bought in 2013 from a webshop from one of the leading manufacturers in the sector. This TOE is a protected target, and has countermeasures against SCA and FI, such as fault injection detection logic and light, temperature and clock sensors. The IC design is from late 2004. Additionally, it has dedicated logic for cryptographic operations. More in detail, this TOE implements the JavaCard OS 2.2.1 and GlobalPlatform 2.1.1 standard. It runs on an internal, unstable clock at an unknown frequency. The supplied external clock frequency was 4 MHz. The card was running exclusively on software (no crypto hardware present in the IC was used). The Java applet loaded into the card was a double nested loop with two counters and a checksum. The code was similar to the following piece of code:
Target C: It is a smartcard bought in 2013 from a webshop from one of the leading manufacturers in the sector. This TOE is a protected target, and has the same feature set as Target B in terms of hardware and countermeasures. This TOE implements the JavaCard OS 2.2.1 and GlobalPlatform 2.1 standard. It was also Common Criteria certified level EAL4+ in 2008. The Java applet loaded into the card was the same applet as described for Target B.
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Carpi, R.B., Picek, S., Batina, L., Menarini, F., Jakobovic, D., Golub, M. (2014). Glitch It If You Can: Parameter Search Strategies for Successful Fault Injection. In: Francillon, A., Rohatgi, P. (eds) Smart Card Research and Advanced Applications. CARDIS 2013. Lecture Notes in Computer Science(), vol 8419. Springer, Cham. https://doi.org/10.1007/978-3-319-08302-5_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-08302-5_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-08301-8
Online ISBN: 978-3-319-08302-5
eBook Packages: Computer ScienceComputer Science (R0)