Side-Channel Analysis and Fault Injection
In contrast to analyses that target only the mathematical foundations of security systems, implementation attacks can efficiently exploit vulnerabilities independently of the cryptographic strength of the underlying crypto primitives. Consequently, these analyses can also be applied to secure standard algorithms such as the Advanced Encryption Standard (AES). Implementation attacks exploit the real-world physical behaviour of practical security implementations. Passive side-channel analysis attacks, for example, may analyze measurements of the power consumption of a security device to extract secret keys in a short time. Active fault injection attacks, on the other hand, aim to disturb the execution of cryptographic algorithms within computing devices in order to invalidate security mechanisms. Typical approaches include manipulating the supply voltage or the clock, or stimulating the semiconductor by means of laser or EM pulses. The resulting faulty computations often allow for a fast cryptanalysis to recover the involved secret keys.
GIAnT (Generic Implementation ANalysis Toolkit), a platform for mounting implementation attacks on embedded systems, has been made available as an open source project. GIAnT complements an FPGA module with additional hardware components to put side-channel analyses and fault injection attacks efficiently into practice.
Publications
Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World. David Oswald, Christof Paar. Workshop on Cryptographic Hardware and Embedded Systems CHES 2011. Nara, Japan.
Seitenkanalanalyse kontaktloser SmartCards. Timo Kasper, David Oswald, Christof Paar. Datenschutz und Datensicherheit – DuD – Issue 11/2011. (In German)
Side-channel attacks on the bitstream encryption mechanism of Altera Stratix II: Facilitating black-box analysis using software reverse-engineering. Amir Moradi, David Oswald, Christof Paar, Pawel Swierczynski. Proceedings of the ACM/SIGDA international symposium on Field programmable gate arrays 2013. Monterey, California, USA.
On the vulnerability of FPGA bitstream encryption against power analysis attacks: extracting keys from Xilinx Virtex-II FPGAs. Amir Moradi, Alessandro Barenghi, Timo Kasper, Christof Paar. Proceedings of the 18th ACM conference on Computer and communications security 2011. Chicago, Illinois, USA.
Open Source Projects
GIAnT: Generic Implementation ANalysis Toolkit: Project on sourceforge.net