2011 Workshop on Fault Diagnosis and Tolerance in Cryptography

28-28 Sept. 2011

  • [Front cover]

    Publication Year: 2011, Page(s): C1
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2011, Page(s): i
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2011, Page(s): iii
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2011, Page(s): iv
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2011, Page(s): v - vi
    Freely Available from IEEE
  • Preface

    Publication Year: 2011, Page(s): vii - viii
    Freely Available from IEEE
  • Program Committee

    Publication Year: 2011, Page(s): ix
    Freely Available from IEEE
  • Acknowledgments

    Publication Year: 2011, Page(s): x
    Freely Available from IEEE
  • Contact Information

    Publication Year: 2011, Page(s): xi
    Freely Available from IEEE
  • The Fault Attack Jungle - A Classification Model to Guide You

    Publication Year: 2011, Page(s): 3 - 8
    Cited by: Papers (17)

    For a secure hardware designer, the vast array of fault attacks and countermeasures looks like a jungle. This paper aims at providing a guide through this jungle and at helping a designer of secure embedded devices to protect a design in the most efficient way. We classify the existing fault attacks on implementations of cryptographic algorithms on embedded devices according to different criteria....
  • Fault Sensitivity Analysis Against Elliptic Curve Cryptosystems

    Publication Year: 2011, Page(s): 11 - 20
    Cited by: Papers (4)

    In this paper, we present a fault-based security evaluation for an Elliptic Curve Cryptography (ECC) implementation using the Montgomery Powering Ladder (MPL). We focus in particular on the Lopez-Dahab algorithm, which is used to calculate a point on an elliptic curve efficiently without using the y-coordinate. Several previous fault analysis attacks cannot be applied to the ECC implementation e...
  • A Cost-Effective FPGA-based Fault Simulation Environment

    Publication Year: 2011, Page(s): 21 - 31
    Cited by: Papers (5)

    In this contribution, we present an FPGA-based simulation environment for fault attacks on cryptographic hardware designs. With our methodology, we are able to simulate the effects of global fault attacks from e.g., spikes and local attacks from e.g., focused laser beams. The environment simulates transient bit-flip faults in sequential elements of a digital design. In this way it is tailored to t...
  • A Differential Fault Analysis on AES Key Schedule Using Single Fault

    Publication Year: 2011, Page(s): 35 - 42
    Cited by: Papers (14)

    Literature on Differential Fault Analysis (DFA) on AES-128 shows that it is more difficult to attack AES when the fault is induced in the key schedule, than when it is injected in the intermediate states. Recent research shows that DFA on AES key schedule still requires two faulty cipher texts, while it requires only one faulty cipher text and a brute-force search of 2^8 AES-...
  • From AES-128 to AES-192 and AES-256, How to Adapt Differential Fault Analysis Attacks on Key Expansion

    Publication Year: 2011, Page(s): 43 - 53
    Cited by: Papers (5)

    Since its announcement, AES has been subject to different DFA attacks. Most of these attacks target the AES with 128-bit key. However, the two other variants are nowadays deployed in various applications and are also submitted to the same attack path. In this paper, we adapt DFA techniques originally used on AES-128 in order to retrieve the whole keys of AES-192 and AES-256. The two main kinds of ...
  • Differential Fault Analysis on the SHA1 Compression Function

    Publication Year: 2011, Page(s): 54 - 62
    Cited by: Papers (14)

    In FDTC 2009, Li et al. published a DFA attack [20] against the symmetric block cipher SHACAL1 [11]. This block cipher substantially consists of the compression function of the hash function SHA1 [16] except for the final addition operation. When using the SHA1 compression function as a primitive in a keyed hash function like HMAC-SHA1 [17] or in a key derivation function it might be of some inter...
  • Fault Injection, A Fast Moving Target in Evaluations

    Publication Year: 2011, Page(s): 65
    Cited by: Papers (2)

    Differential Fault Analysis has been known since 1996 (Dan Boneh, Richard A. DeMillo and Richard J. Lipton, "The Bellcore Attack") [1]. Before that, the implementations of cryptographic functions were developed without the awareness of fault analysis attacks. The first fault injection set-ups produced single voltage glitches or single light flashes at a single location on the silicon. A range of ...
  • On Protecting Cryptographic Applications Against Fault Attacks Using Residue Codes

    Publication Year: 2011, Page(s): 69 - 79
    Cited by: Papers (3)

    We propose a new class of error detection codes, quadratic dual residue codes, to protect cryptographic computations running on general-purpose processor cores against fault attacks. The assumed adversary model is a powerful one, whereby the attacker can inject errors anywhere in the data path of a general-purpose microprocessor by bit flipping. We demonstrate that quadratic dual residue cod...
  • A High-Performance Fault Diagnosis Approach for the AES SubBytes Utilizing Mixed Bases

    Publication Year: 2011, Page(s): 80 - 87
    Cited by: Papers (2)

    The SubBytes (S-boxes) is the only non-linear transformation in the encryption of the Advanced Encryption Standard (AES), occupying more than half of its hardware implementation resources. One important required aspect of the hardware architectures of the S-boxes is the reliability of their implementations. This can be compromised by occurrence of internal faults or intrusion of the attackers. In...
  • Practical Optical Fault Injection on Secure Microcontrollers

    Publication Year: 2011, Page(s): 91 - 99
    Cited by: Papers (38)

    In this paper we detail the latest developments regarding optical fault injection on secure microcontrollers. On these targets, a combination of countermeasures makes fault injection less than trivial. We develop fault injection methods to show experimentally that protected smart cards are still vulnerable. We perform power signal guided fault injection, using a triggering mechanism based on real...
  • Local and Direct EM Injection of Power Into CMOS Integrated Circuits

    Publication Year: 2011, Page(s): 100 - 104
    Cited by: Papers (19)

    The paper aims at demonstrating experimentally that the tiny Electro Magnetic (EM) coupling between the tip end of a micro-antenna is sufficient to locally and directly inject power into CMOS Integrated Circuits (IC). More precisely, experimental results show that such electrical couplings are sufficient to disturb, with and without removing the IC package, the behavior of 90nm CMOS Ring Oscillato...
  • An In-depth and Black-box Characterization of the Effects of Clock Glitches on 8-bit MCUs

    Publication Year: 2011, Page(s): 105 - 114
    Cited by: Papers (35)

    The literature about fault analysis typically describes fault injection mechanisms, e.g. glitches and lasers, and cryptanalytic techniques to exploit faults based on some assumed fault model. Our work narrows the gap between both topics. We thoroughly analyse how clock glitches affect a commercial low-cost processor by performing a large number of experiments on five devices. We observe that the e...
  • Author index

    Publication Year: 2011, Page(s): 115
    Freely Available from IEEE
  • [Roster page]

    Publication Year: 2011, Page(s): 116
    Freely Available from IEEE