Politecnico di Torino (logo)

Statistical effective and ineffective Fault Attacks against Advanced Encryption Standard implementations

Fausto Pignattelli

Statistical effective and ineffective Fault Attacks against Advanced Encryption Standard implementations.

Rel. Maurizio Martina. Politecnico di Torino, Corso di laurea magistrale in Mechatronic Engineering (Ingegneria Meccatronica), 2019


Along with technological progress, information security has become a serious issue that must be taken into account when sensitive and personal data happens to be exposed to a threatening environment. Embedded devices are an example of targets whose security can be violated by an attacker in order to find a secret variable of interest. To provide an adequate protection against any possible leakage, cryptographic algorithms can be integrated into electronic devices in order to help reinforcing data protection against the different possible cryptanalysis attacks. The standard algorithms are mostly considered as secure from a purely mathematical point of view. However, the implementation of said algorithms can contain vulnerabilities that can be exploited to break the algorithm security. Fault attacks are a well-known example of active cryptanalysis implementation attacks that rely on the voluntary introduction of a perturbation during the execution of a cryptographic algorithm in order to later exploit the created errors. In particular, this work details one specific class of fault attacks: Statistical Ineffective Fault Attacks (SIFA). This class of attacks was recently published in the international Conference on Cryptographic Hardware and Embedded Systems 2018 (CHES) and relies on a statistical analysis approach in order to break the cryptographic algorithm. In the related-field literature, such an approach was already presented with another class of fault injection attacks that can be therefore considered as SIFA predecessor: Statistical Fault Attacks (SFA) . Both SFA and SIFA strongly rely on the deployment of statistical estimators, even if in a slightly different way, to successfully deploy the attack. The most important advantage about SIFA is that they rely on the "ineffective" results of faulted computations and therefore provide some significant improvements that overcome some of the limitations of a general fault induction attack. This work focuses on the working principle of both SIFA and SFA against the Advanced Encryption Standard (AES) , the current worldwide used standard for electronic data encryption established by the american National Institute of Standards and Technology (NIST) in 2001. The theoretical aspects linked to the two attacks are supported by means of software simulations and real implementations. In particular, the mentioned attacks have been applied in a practical context, by deploying the targeted attack on a Field Programmable Gate Array (FPGA) device. Specifically, the attack has been physically implemented according to the voltage glitch technique, which consists in a sudden variation of the line voltage of the device, in order to introduce a perturbation inside the AES algorithm computation.

Relators: Maurizio Martina
Academic year: 2019/20
Publication type: Electronic
Number of Pages: 150
Additional Information: Tesi secretata. Fulltext non presente
Corso di laurea: Corso di laurea magistrale in Mechatronic Engineering (Ingegneria Meccatronica)
Classe di laurea: New organization > Master science > LM-25 - AUTOMATION ENGINEERING
Aziende collaboratrici: STMicroelectronics ROUSSET SAS
URI: http://webthesis.biblio.polito.it/id/eprint/12494
Modify record (reserved for operators) Modify record (reserved for operators)