2008 5th Workshop on Fault Diagnosis and Tolerance in Cryptography

10 Aug. 2008

  • [Front cover]

    Publication Year: 2008, Page(s): C1
  • [Title page i]

    Publication Year: 2008, Page(s): i
  • [Title page iii]

    Publication Year: 2008, Page(s): iii
  • [Copyright notice]

    Publication Year: 2008, Page(s): iv
  • Table of contents

    Publication Year: 2008, Page(s): v-vi
  • Preface

    Publication Year: 2008, Page(s): vii-viii
    Cited by: Papers (1)
  • Organizing Committee

    Publication Year: 2008, Page(s): ix
  • Program Committee

    Publication Year: 2008, Page(s): x
  • Silicon-level Solutions to Counteract Passive and Active Attacks

    Publication Year: 2008, Page(s): 3-17
    Cited by: Papers (11) | Patents (4)

    This article presents a family of cryptographic ASICs, called SecMat, designed in CMOS 130 nanometer technology by the authors with the help of STMicroelectronics. The purpose of these prototype circuits is to experiment with the published "implementation-level" attacks (SPA, DPA, EMA, templates, DFA). We report our conclusions about the practicability of these attacks: which ones are the most simp...
  • Aspects of the Development of Secure and Fault-Resistant Hardware

    Publication Year: 2008, Page(s): 18-22

    Designing "secure hardware", like a chip card controller, is a challenging task for hardware manufacturers: more and more attacks that are also more and more sophisticated generate a need for more and more countermeasures. Developers of these devices have to live with certain additional constraints, and this does not make their life easier. The difficulties that the designer of such a system is conf...
  • Improved Differential Fault Analysis on CLEFIA

    Publication Year: 2008, Page(s): 25-34
    Cited by: Papers (14)

    We propose a more efficient differential fault analysis (DFA) attack on CLEFIA, the 128-bit block cipher developed by Sony Corporation in 2007. In the previous study, the most efficient DFA attack on CLEFIA with a 128-bit key uses approximately 18 pairs of correct and faulty ciphertexts. We develop a new attack method and show that only 2 pairs of correct and faulty ciphertexts are needed to retri...
  • Masking Does Not Protect Against Differential Fault Attacks

    Publication Year: 2008, Page(s): 35-40
    Cited by: Papers (4)

    Over the past ten years, cryptographic algorithms have been found to be vulnerable against side-channel attacks such as power analysis attacks, timing attacks, electromagnetic radiation attacks and fault attacks. These attacks capture leaking information from an implementation of the algorithm in software or in hardware and apply cryptanalytical and statistical tools to recover the secret keys. A ...
  • Comparative Analysis of Robust Fault Attack Resistant Architectures for Public and Private Cryptosystems

    Publication Year: 2008, Page(s): 41-50
    Cited by: Papers (21)

    The adaptive and active nature of fault based side-channel attacks along with the large arsenal of fault injection methods complicates the design of effective countermeasures. To overcome the unpredictability of fault attackers, protection methods based on robust codes were proposed which can provide uniform error detection against all errors, eliminating possible weaknesses in the protection. In th...
  • A Practical Fault Attack on Square and Multiply

    Publication Year: 2008, Page(s): 53-58
    Cited by: Papers (24) | Patents (3)

    In order to provide security for a device, cryptographic algorithms are implemented on it. Even devices using a cryptographically secure algorithm may be vulnerable to implementation attacks like side channel analysis or fault attacks. Most fault attacks on RSA concentrate on the vulnerability of the Chinese Remainder Theorem to fault injections. A few other attacks on RSA which do not use this ...
  • Exploiting Hardware Performance Counters

    Publication Year: 2008, Page(s): 59-67
    Cited by: Papers (13)

    We introduce the usage of hardware performance counters (HPCs) as a new method that allows very precise access to known side channels and also allows access to many new side channels. Many current architectures provide hardware performance counters, which allow the profiling of software during runtime. Though they allow detailed profiling they are noisy by their very nature; HPC hardware is not va...
  • A Generic Fault Countermeasure Providing Data and Program Flow Integrity

    Publication Year: 2008, Page(s): 68-73
    Cited by: Papers (6)

    So far many software countermeasures against fault attacks have been proposed. However, most of them are tailored to a specific cryptographic algorithm or focus on securing the processed data only. In this work we present a generic and elegant approach by using a highly fault secure algebraic structure. This structure is compatible with finite fields and rings and preserves its error detection prope...
  • Error Detection for Borrow-Save Adders Dedicated to ECC Unit

    Publication Year: 2008, Page(s): 77-86
    Cited by: Papers (5)

    Differential Fault Analysis (DFA) is a real threat for elliptic curve cryptosystems. This paper describes an elliptic curve cryptoprocessor unit resistant against fault injection. This resistance is provided by the use of parity preserving logic gates in the operating structure of the ECC unit, which is based on borrow-save adders. The proposed countermeasure provides a high coverage fault detecti...
  • On the Security of a Unified Countermeasure

    Publication Year: 2008, Page(s): 87-91
    Cited by: Papers (4) | Patents (1)

    Implementation attacks are a major threat for cryptographic applications. Recently, Baek and Vasyltsov (ISPEC 2007) proposed a unified countermeasure for protecting elliptic curve implementations against a variety of implementation attacks, including differential power attacks and fault attacks. This paper studies the security of this countermeasure. In particular, it shows that the fault coverage...
  • Fault Attack on Elliptic Curve Montgomery Ladder Implementation

    Publication Year: 2008, Page(s): 92-98
    Cited by: Papers (23) | Patents (6)

    In this paper, we present a new fault attack on elliptic curve scalar product algorithms. This attack is tailored to work on the classical Montgomery ladder method when the y-coordinate is not used. No weakness has been reported so far on such implementations, which are very efficient and were promoted by several authors. But taking into account the twist of the elliptic curves, we show how, with ...
  • In(security) Against Fault Injection Attacks for CRT-RSA Implementations

    Publication Year: 2008, Page(s): 101-107
    Cited by: Papers (5) | Patents (1)

    Since its invention in 1977, the celebrated RSA primitive has remained unbroken from a mathematical point of view, and has been widely used to build provably secure encryption or signature protocols. However, the introduction in 1996 of a new model of attacks, based on fault injections, by Boneh, DeMillo and Lipton suggests the use of specific countermeasures to obtain a secure RSA implementatio...
  • Attacks on Authentication and Signature Schemes Involving Corruption of Public Key (Modulus)

    Publication Year: 2008, Page(s): 108-115
    Cited by: Papers (7)

    Brier et al. (2006) showed how to attack RSA by induction of faults in the public modulus n. We propose to use the same kind of technique to attack other asymmetric cryptographic schemes. The most interesting case, in which we use a somewhat different approach, is the attack on the elliptic curve based signature protocol (namely ECDSA). Here we also take advantage of the short keys to offer a nontrivial pra...
  • Author index

    Publication Year: 2008, Page(s): 116
  • [Publisher's information]

    Publication Year: 2008, Page(s): 118
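The entry "Masking Does Not Protect Against Differential Fault Attacks" above makes a point that is easy to verify on a toy cipher: a first-order Boolean mask changes every intermediate value but not the XOR difference between a correct and a faulty output, and that difference is all a DFA uses. The following is an added example written for this page, not code from the paper. It assumes a constructed one-nibble "last round" C = S(x) XOR k using the PRESENT S-box, a fault model of one flipped bit on the S-box input, and fresh random masks per execution; all of those choices are assumptions made here for illustration.

```python
"""
Added illustration (not from the FDTC paper): a Boolean-masked S-box layer
yields exactly the same (correct, faulty) output pairs as the unmasked one,
so a DFA that only looks at output differences recovers the round key with
the same effort against both.

Constructed toy cipher: one 4-bit nibble, last round C = S(x) ^ k with S the
PRESENT S-box. Assumed fault model: one bit of the S-box input is flipped.
"""
import random

PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
SBOX_INV = [PRESENT_SBOX.index(v) for v in range(16)]
SINGLE_BIT_FAULTS = (0x1, 0x2, 0x4, 0x8)


def last_round_unmasked(x, k, fault=0):
    """Unprotected last round; the fault lands on the S-box input x."""
    return PRESENT_SBOX[x ^ fault] ^ k


def masked_sbox_table(m_in, m_out):
    """Masked S-box T with T(y ^ m_in) == S(y) ^ m_out for every y."""
    return [PRESENT_SBOX[z ^ m_in] ^ m_out for z in range(16)]


def last_round_masked(x, k, m_in, m_out, fault=0):
    """First-order Boolean-masked last round. The attacker can only reach
    the masked state x ^ m_in, so that is where the fault lands."""
    xm = (x ^ m_in) ^ fault
    t = masked_sbox_table(m_in, m_out)
    return t[xm] ^ m_out ^ k          # unmask, then add the round key


def collect_pairs(key, masked, seed=2008):
    """Drive every input nibble under every single-bit fault and record the
    (correct, faulty) outputs. In the masked case each execution draws its
    own fresh masks, as a real implementation would."""
    rng = random.Random(seed)         # constructed mask source
    pairs = []
    for x in range(16):
        for fault in SINGLE_BIT_FAULTS:
            if masked:
                c = last_round_masked(x, key, rng.randrange(16), rng.randrange(16))
                cf = last_round_masked(x, key, rng.randrange(16), rng.randrange(16), fault)
            else:
                c = last_round_unmasked(x, key)
                cf = last_round_unmasked(x, key, fault)
            pairs.append((c, cf))
    return pairs


def dfa_key_candidates(pairs):
    """Keep every key guess under which all observed pairs are explained by
    a single-bit fault on the S-box input."""
    cands = []
    for k in range(16):
        if all((SBOX_INV[c ^ k] ^ SBOX_INV[cf ^ k]) in SINGLE_BIT_FAULTS
               for c, cf in pairs):
            cands.append(k)
    return cands


if __name__ == "__main__":
    key = 0xA
    for masked in (False, True):
        pairs = collect_pairs(key, masked)
        print("masked" if masked else "unmasked", dfa_key_candidates(pairs))
```

The masked and unmasked runs produce identical pair lists, so the candidate key sets are identical too. The countermeasures that do address DFA are the ones elsewhere in this programme (redundant computation, error-detecting codes, verify-before-output), not masking.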
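The CRT-RSA entry above refers to the Boneh, DeMillo and Lipton fault model. The attack it describes is worth seeing end to end: a CRT signature is computed as two half-exponentiations mod p and mod q, and a fault in either half gives a value that is still correct modulo the other prime, so a gcd exposes the factorisation. The following is an added example written for this page, not code from that paper or from any real implementation. It assumes a constructed 128-bit toy key, a fault simulated by flipping one bit of the mod-q half-signature, and the standard verify-before-output check as the countermeasure; the function names are mine.

```python
"""
Added example (not from the FDTC paper): the Boneh-DeMillo-Lipton
("Bellcore") fault attack on CRT-RSA and the verify-before-output check that
suppresses the faulty signature. The key is a constructed 128-bit toy key and
the fault is simulated by flipping one bit of the mod-q half-signature.
"""
import random
from math import gcd

RNG = random.Random(2008)    # seeded so the constructed key is reproducible


def is_probable_prime(n, rounds=24):
    """Miller-Rabin; adequate for a constructed toy key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(RNG.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    while True:
        cand = RNG.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits=128, e=65537):
    """RSA key with the CRT parameters a smart card would store."""
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        if p != q and gcd(e, (p - 1) * (q - 1)) == 1:
            break
    d = pow(e, -1, (p - 1) * (q - 1))
    return {"n": p * q, "e": e, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}


def crt_sign(key, m, fault_in_q=False):
    """CRT signature with Garner recombination. fault_in_q simulates a glitch
    that corrupts the mod-q half before recombination; the mod-p half stays
    correct, which is exactly what the attack needs."""
    sp = pow(m, key["dp"], key["p"])
    sq = pow(m, key["dq"], key["q"])
    if fault_in_q:
        sq ^= 1                       # simulated single-bit fault
    h = (key["qinv"] * (sp - sq)) % key["p"]
    return sq + key["q"] * h


def bellcore_factor(n, s_correct, s_faulty):
    """Correct and faulty signature on the same message agree mod p but not
    mod q, so gcd(s - s', n) is p."""
    return gcd(s_correct - s_faulty, n)


def bellcore_factor_one_signature(n, e, m, s_faulty):
    """Lenstra's variant: only the faulty signature and the message are
    needed, because s'^e == m holds mod p but not mod q."""
    return gcd(pow(s_faulty, e, n) - m, n)


def crt_sign_checked(key, m, fault_in_q=False):
    """Countermeasure: never release a signature that fails public-key
    verification. Costs one public exponentiation per signature."""
    s = crt_sign(key, m, fault_in_q)
    if pow(s, key["e"], key["n"]) != m % key["n"]:
        raise RuntimeError("signature failed self-check; suspected fault")
    return s


if __name__ == "__main__":
    key = keygen()
    m = 0xC0FFEE                      # constructed message, already < n
    s, s_bad = crt_sign(key, m), crt_sign(key, m, fault_in_q=True)
    print("p recovered from two signatures:", bellcore_factor(key["n"], s, s_bad) == key["p"])
    print("p recovered from one signature:",
          bellcore_factor_one_signature(key["n"], key["e"], m, s_bad) == key["p"])
    try:
        crt_sign_checked(key, m, fault_in_q=True)
    except RuntimeError as err:
        print("blocked:", err)
```

The one-signature variant is the one that matters in practice: the attacker does not need a correct signature on the same message, only one faulty output and the message it claims to sign. The verification check closes this particular path, but it is itself a single comparison that a second fault can skip, which is why the FDTC literature pairs it with infective or redundant computation rather than relying on it alone.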