Differential Fault Analysis

Differential fault analysis (DFA) is a type of active side-channel attack in the field of cryptography, specifically cryptanalysis. The principle is to induce faults (unexpected environmental conditions) into cryptographic operations to reveal their internal states.


Principles

Taking a smartcard containing an embedded processor as an example, some unexpected environmental conditions it could experience include being subjected to high temperature, receiving unsupported supply voltage or current, being excessively overclocked, experiencing strong electric or magnetic fields, or even receiving ionizing radiation to influence the operation of the processor. When stressed like this, the processor may begin to output incorrect results due to physical data corruption, which may help a cryptanalyst deduce the instructions that the processor is running, or what the internal state of its data is. For DES and Triple DES, about 200 single-flipped bits are necessary to obtain a secret key. DFA has also been applied successfully to the AES cipher. Many countermeasures have been proposed to defend against these kinds of attacks. Most of them are based on error detection schemes.
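The error-detection idea mentioned above can be shown with a compute-twice-and-compare guard. This is an added example, not code from the original page: the cipher is a constructed toy Feistel network standing in for DES or AES, and the names toy_encrypt, guarded_encrypt and DEMO_KEY, as well as the simulated fault parameters, are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define ROUNDS 8
/* Constructed demo key; every value in this example is illustrative. */
static const uint16_t DEMO_KEY[ROUNDS] = {0x1A2B, 0x3C4D, 0x5E6F, 0x7081,
                                          0x92A3, 0xB4C5, 0xD6E7, 0xF809};

/* Toy 32-bit Feistel network standing in for DES/AES (NOT a secure cipher).
   A transient fault is simulated by XORing fault_mask into the left half at
   the start of round fault_round; fault_round < 0 means a clean run. */
static uint32_t toy_encrypt(uint32_t pt, const uint16_t *key,
                            int fault_round, uint16_t fault_mask)
{
    uint16_t l = (uint16_t)(pt >> 16), r = (uint16_t)pt;
    for (int i = 0; i < ROUNDS; i++) {
        if (i == fault_round)
            l ^= fault_mask;
        uint16_t f = (uint16_t)(((uint32_t)(r ^ key[i]) * 0x9E37u) ^ (r >> 3));
        uint16_t t = (uint16_t)(l ^ f);
        l = r;
        r = t;
    }
    return ((uint32_t)l << 16) | r;
}

/* Error detection: compute twice and release the result only if both runs
   agree. The fault applies to the first run only (transient glitch). */
static int guarded_encrypt(uint32_t pt, const uint16_t *key,
                           int fault_round, uint16_t fault_mask, uint32_t *out)
{
    uint32_t c1 = toy_encrypt(pt, key, fault_round, fault_mask);
    uint32_t c2 = toy_encrypt(pt, key, -1, 0);
    if (c1 != c2) {
        *out = 0;      /* suppress the faulty ciphertext entirely */
        return -1;
    }
    *out = c1;
    return 0;
}

int main(void)
{
    uint32_t out;
    int rc = guarded_encrypt(0x01234567u, DEMO_KEY, -1, 0, &out);
    printf("clean run:   rc=%d out=%08x\n", rc, (unsigned)out);
    rc = guarded_encrypt(0x01234567u, DEMO_KEY, 7, 0x0001, &out);
    printf("faulted run: rc=%d out=%08x\n", rc, (unsigned)out);
    return 0;
}
```

Because the analysis depends on comparing correct and faulty outputs, withholding the faulty result removes its input; duplication only catches faults that do not affect both runs identically.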


Fault injection

A fault injection attack involves stressing the transistors responsible for encryption tasks to generate faults that will then be used as input for analysis. The stress can be an electromagnetic pulse (EM pulse or laser pulse). Practical fault injection consists of using an electromagnetic probe connected to a pulser or a laser generating a disturbance of a similar length to the processor's cycle time (of the order of a nanosecond). The energy transferred to the chip may be sufficient to burn out certain components of the chip, so the voltage of the pulser (a few hundred volts) and the positioning of the probe must be finely calibrated. For greater precision, the chips are often decapsulated (chemically eroded to expose the bare silicon).

