Protecting FPGA-Based Cryptohardware Implementations from Fault Attacks Using ADCs
Abstract
1. Introduction
- The classification of the most relevant types of attacks on physical implementations, focusing on attacks by the manipulation of supply voltage and temperature and the injection of electromagnetic pulses.
- The proposal of a methodology for the design of the detection scheme based on analog-to-digital converters, serving as a countermeasure to prevent information leakage.
- The development of two experimental case studies to evaluate the proposed design methodology: one focused on voltage and temperature manipulation, the other on the injection of electromagnetic pulses.
- The comparison of the results obtained from the proposed system with the schemes reported in the literature.
2. Physical Fault Injection Implementation Attacks
2.1. Voltage and Temperature Attacks
2.2. Electromagnetic Attacks
3. Design Methodology to Protect against Attacks
4. Setups and Results
4.1. Voltage and Temperature Setup
4.2. Voltage and Temperature Results
4.3. Electromagnetic Setup
4.4. Electromagnetic Results
4.5. Comparison with Other Protection Schemes
5. Conclusions
Author Contributions
Funding
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
Abbreviations
Abbreviation | Meaning
---|---
ADC | Analog-to-digital converter
AES | Advanced Encryption Standard
AMS | Analog mixed signal
ASIC | Application-Specific Integrated Circuit
DES | Data Encryption Standard
DFA | Differential Fault Analysis
EM | Electromagnetic
EMFI | Electromagnetic Fault Injection
EMP | Electromagnetic pulse
FF | Flip-flop
FIA | Fault injection attack
FPGA | Field-Programmable Gate Array
IFA | Ineffective Fault Attack
IoT | Internet of Things
NIST | National Institute of Standards and Technology
PC | Personal Computer
RAM | Random-Access Memory
SCA | Side-Channel Analysis
XADC | Xilinx Analog-to-Digital Converter
References
1. Dutta, I.K.; Ghosh, B.; Bayoumi, M. Lightweight Cryptography for Internet of Insecure Things: A Survey. In Proceedings of the IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC’19), Las Vegas, NV, USA, 7–9 January 2019; pp. 475–481.
2. Mahmoud, R.; Yousuf, T.; Aloul, F.; Zualkernan, I. Internet of things (IoT) security: Current status, challenges and prospective measures. In Proceedings of the International Conference for Internet Technology and Secured Transactions (ICITST’15), London, UK, 14–16 December 2015; pp. 336–341.
3. Xu, T.; Wendt, J.B.; Potkonjak, M. Security of IoT systems: Design challenges and opportunities. In Proceedings of the International Conference on Computer-Aided Design (ICCAD’14), San Jose, CA, USA, 3–6 November 2014; pp. 417–423.
4. Gunathilake, N.A.; Al-Dubai, A.; Buchana, W.J. Recent Advances and Trends in Lightweight Cryptography for IoT Security. In Proceedings of the 16th International Conference on Network and Service Management (CNSM’20), Izmir, Turkey, 2–6 November 2020; pp. 1–5.
5. Kazemi, Z.; Fazeli, M.; Hely, D.; Beroulle, V. Hardware Security Vulnerability Assessment to Identify the Potential Risks in a Critical Embedded Application. In Proceedings of the IEEE 26th International Symposium on On-Line Testing and Robust System Design (IOLTS’20), Napoli, Italy, 13–15 July 2020; pp. 1–6.
6. Bar-El, H.; Choukri, H.; Naccache, D.; Tunstall, M.; Whelan, C. The Sorcerer’s Apprentice Guide to Fault Attacks. Proc. IEEE 2006, 94, 370–382.
7. Mangard, S.; Oswald, E.; Popp, T. Power Analysis Attacks: Revealing the Secrets of Smart Cards; Springer Science & Business Media: Berlin, Germany, 2008; Volume 31.
8. Tena-Sánchez, E.; Potestad-Ordóñez, F.E.; Jiménez-Fernández, C.J.; Acosta, A.J.; Chaves, R. Gate-level hardware countermeasure comparison against power analysis attacks. Appl. Sci. 2022, 12, 2390.
9. Kudithi, T. An efficient hardware implementation of the elliptic curve cryptographic processor over prime field. Int. J. Circuit Theory Appl. 2020, 48, 1256–1273.
10. Marchesan, G.C.; Weirich, N.R.; Culau, E.C.; Weber, I.I.; Moraes, F.G.; Carara, E.; de Oliveira, L.L. Exploring RSA Performance up to 4096-bit for Fast Security Processing on a Flexible Instruction Set Architecture Processor. In Proceedings of the IEEE International Conference on Electronics, Circuits and Systems (ICECS’18), Bordeaux, France, 9–12 December 2018; pp. 757–760.
11. Dong, X.; Zhang, L.; Gao, X. An Efficient FPGA Implementation of ECC Modular Inversion over F256. In Proceedings of the International Conference on Cryptography, Security and Privacy (ICCSP’18), Guiyang, China, 16–18 March 2018; pp. 29–33.
12. Tanougast, C. Hardware Implementation of Chaos Based Cipher: Design of Embedded Systems for Security Applications. In Chaos-Based Cryptography; Kocarev, L., Lian, S., Eds.; Studies in Computational Intelligence; Springer: Berlin/Heidelberg, Germany, 2011; Volume 354.
13. Biehl, I.; Meyer, B.; Müller, V. Differential fault attacks on elliptic curve cryptosystems. In Proceedings of the Annual International Cryptology Conference (CRYPTO’00), Santa Barbara, CA, USA, 20–24 August 2000; pp. 131–146.
14. Nitaj, A.; Fouotsa, E. A new attack on RSA and Demytko’s elliptic curve cryptosystem. J. Discret. Math. Sci. Cryptogr. 2019, 22, 391–409.
15. Dhanda, S.S.; Singh, B.; Jindal, P. Demystifying elliptic curve cryptography: Curve selection, implementation and countermeasures to attacks. J. Interdiscip. Math. 2020, 23, 463–470.
16. Biham, E.; Shamir, A. Differential fault analysis of secret key cryptosystems. Lect. Notes Comput. Sci. Adv. Cryptol. 1997, 1294, 513–525.
17. Giraud, C. DFA on AES. In Proceedings of the International Conference on Advanced Encryption Standard, Bonn, Germany, 10–12 May 2004; pp. 27–41.
18. Dusart, P. Differential Fault Analysis on A.E.S. In Proceedings of the Applied Cryptography and Network Security (ACNS’03), Kunming, China, 16–19 October 2003; pp. 293–306.
19. Pogue, T.E.; Nicolici, N. Incremental Fault Analysis: Relaxing the Fault Model of Differential Fault Attacks. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 2020, 28, 750–763.
20. Piret, G.; Quisquater, J.J. A Differential Fault Attack Technique against SPN Structures, with Application to the AES. In Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems (CHES’03), Cologne, Germany, 8–10 September 2003; pp. 77–88.
21. NIST. FIPS PUB 197: Advanced Encryption Standard (AES). Fed. Inf. Process. Stand. Publ. 2001, 197, 0311.
22. Barenghi, A.; Bertoni, G.M.; Breveglieri, L.; Pellicioli, M.; Pelosi, G. Low voltage fault attacks to AES. In Proceedings of the IEEE International Symposium on Hardware-Oriented Security and Trust (HOST’10), Anaheim, CA, USA, 13–14 June 2010; pp. 7–12.
23. Potestad-Ordóñez, F.E.; Valencia-Barrero, M.; Baena-Oliva, C.; Parra-Fernández, P.; Jiménez-Fernández, C.J. Breaking Trivium stream cipher implemented in ASIC using experimental attacks and DFA. Sensors 2020, 20, 6909.
24. Peterson, I. Chinks in Digital Armor: Exploiting Faults to Break Smart-Card Cryptosystems; Science News; Wiley Online Library: Hoboken, NJ, USA, 1997; Volume 151, pp. 78–79.
25. Skorobogatov, S. Low Temperature Data Remanence in Static RAM; University of Cambridge, Computer Laboratory: Cambridge, UK, 2002.
26. Quisquater, J.J.; Samyde, D. Eddy current for magnetic analysis with active sensor. In Proceedings of the eSMART, San Jose, CA, USA, 21–22 November 2002; pp. 185–194.
27. Baumann, R. Radiation-induced soft errors in advanced semiconductor technologies. IEEE Trans. Device Mater. Reliab. 2005, 5, 305–316.
28. Wu, K.; Goessel, M. Low Cost Concurrent Error Detection for the Advanced Encryption Standard. In Proceedings of the International Test Conference (ITC’04), Charlotte, NC, USA, 26–28 October 2004; pp. 1242–1248.
29. Breveglieri, L.; Koren, I.; Maistri, P. Incorporating Error Detection and Online Reconfiguration into a Regular Architecture for the Advanced Encryption Standard. In Proceedings of the IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems (DFT’05), Monterey, CA, USA, 3–5 October 2005; pp. 72–80.
30. Yen, C.H.; Wu, B.F. Simple Error Detection Methods for Hardware Implementation of Advanced Encryption Standard. IEEE Trans. Comput. 2006, 55, 720–731.
31. Kermani, M.M.; Reyhani-Masoleh, A. Parity-based fault detection architecture of S-box for advanced encryption standard. In Proceedings of the IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems (DFT’06), Arlington, VA, USA, 4–6 October 2006; pp. 572–580.
32. Mozaffari-Kermani, M.; Reyhani-Masoleh, A. A lightweight high-performance fault detection scheme for the advanced encryption standard using composite fields. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 2011, 19, 85–91.
33. Karpovsky, M.; Kulikowski, K.J.; Taubin, A. Robust Protection Against Fault-Injection Attacks on Smart Cards Implementing the Advanced Encryption Standard. In Proceedings of the International Conference on Dependable Systems and Networks (DSN’04), Florence, Italy, 28 June–1 July 2004; pp. 93–101.
34. Mestiri, H.; Benhadjyoussef, N.; Machhout, M.; Tourki, R. High performance and reliable fault detection scheme for the advanced encryption standard. Int. Rev. Comput. Softw. (IRECOS’13) 2013, 8, 730–746.
35. Joye, M.; Manet, P.; Rigaud, J.B. Strengthening hardware AES implementations against fault attacks. IET Inf. Secur. 2007, 1, 106–110.
36. Rajendran, J.; Borad, H.; Mantravadi, S.; Karri, R. Slide-based concurrent error detection technique for symmetric block ciphers. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (HOST’10), Anaheim, CA, USA, 13–14 June 2010; pp. 70–75.
37. Karri, R.; Wu, K.; Mishra, P.; Kim, Y. Concurrent error detection schemes for fault-based side-channel cryptanalysis of symmetric block ciphers. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 2002, 21, 1509–1517.
38. Chu, J.; Benaissa, M. Error detecting AES using polynomial residue number systems. Microprocess. Microsyst. 2013, 37, 228–234.
Reference | Attack on State | Attack on S-Box | Attack on Key Schedule | Type of Attack | Attack in Round
---|---|---|---|---|---
[17] | Yes | No | Yes | S. bit / S. byte | 8 and 9
[18] | Yes | ∼ | No | M. bit (same byte) | 7, 8, and 9
[19] | Yes | Yes | No | S. byte | 8
[20] | Yes | ∼ | No | S. byte (random) | During encryption
(V) | | (V) | | (V) |
---|---|---|---|---|---
Min. | Max. | Min. | Max. | Min. | Max.
0.88 | 1.05 | 0.88 | 1.05 | 0.88 | 1.8
Scheme | Type of Protection | Area Overhead | Frequency Degradation | Attack Detection | Technology
---|---|---|---|---|---
Unprotected | None | 1 | 1 | - | Artix-7
[28] | Information | 1.08 | 0.7 | 75.6% | Virtex 1000
[29] | | 1.44 | NIA | 99.12% | NIA
[30] | | 1.73 | 0.64 | 88% | NIA
[31] | | 1.40 | NIA | 97% | NIA
[32] | | 1.32 | 0.97 | 97% | Virtex II
[33] | | 1.77 | 0.86 | 90% | Virtex E
[34] | | 1.25 | 0.88 | 98% | Virtex 5
[35] | Hardware | 1.87 | 1 | 100% | Virtex 5
[36] | Temporal | 1.07 | 0.83 | 100% | Virtex 4
[37] | Combination | 1.38 | 0.78 | 100% | Virtex 6
[38] | | 1.58 | 0.83 | 93.75% | Spartan 3
Our Scheme | - | 1.01 | 1 | 100% | Artix-7
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Potestad-Ordóñez, F.E.; Casado-Galán, A.; Tena-Sánchez, E. Protecting FPGA-Based Cryptohardware Implementations from Fault Attacks Using ADCs. Sensors 2024, 24, 1598. https://doi.org/10.3390/s24051598