International Association for Cryptologic Research

International Association
for Cryptologic Research


Beware of Insufficient Redundancy: An Experimental Evaluation of Code-based FI Countermeasures

Timo Bartkewitz , TÜV Informationstechnik GmbH, Essen, Germany
Sven Bettendorf , TÜV Informationstechnik GmbH, Essen, Germany
Thorben Moos , UCLouvain, ICTEAM, Crypto Group, Louvain-la-Neuve, Belgium
Amir Moradi , University of Cologne, Institute for Computer Science, Cologne, Germany
Falk Schellenberg , Max Planck Institute for Security and Privacy, Bochum, Germany
DOI: 10.46586/tches.v2022.i3.438-462
Search ePrint
Search Google
Presentation: Slides
Abstract: Fault injection attacks pose a serious threat to cryptographic implementations. Countermeasures beyond sensors and shields usually deploy some form of redundancy to detect or even correct errors. A few years ago, a novel design methodology called Impeccable Circuits has been introduced on how to correctly integrate Concurrent Error Detection (CED) schemes, based on Error-Detection Codes (EDCs), into cryptographic hardware circuits. The underlying adversary model limits attackers to inject at most t single-bit faults. By additionally considering the propagation of faults in combinational circuits, the countermeasure guarantees detection of any faulty computation caused by up to t single-bit faults.In this work, we present an experimental analysis of the Impeccable Circuits countermeasure and its underlying assumptions in modern semiconductor technology. More precisely, we have taken hardware implementations of the lightweight block cipher SKINNY equipped with various forms of the EDC-based CED schemes and realized them as cryptographic co-processors on a 40nm ASIC to experimentally evaluate their resistance to Laser Fault Injection (LFI) attacks. In short, our results show that it is fairly simple to overcome the protection offered by the integrated countermeasures when the length of the code n is smaller than twice its rank k (i.e., no full redundancy). This is not caused by any flaw in the underlying design methodology or concept, but merely demonstrates how easily the defined adversary model can be overcome. In our case, a standard black-box scan over the target using a common single-shot LFI setup is sufficient to occasionally inject more single-bit faults than those bounded by the underlying adversary model when n < 2k. The probability of such events proved to be large enough to perform successful key-recovery attacks via Differential Fault Analysis (DFA) in a matter of hours. Thus, we caution against limiting the redundancy in code-based FI countermeasures to less than the number of bits per word, especially in nanometer technologies, and point out that less-complex countermeasures like duplication showed a higher level of resistance in our experiments at a lower cost.
  title={Beware of Insufficient Redundancy: An Experimental Evaluation of Code-based FI Countermeasures},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2022, Issue 3},
  author={Timo Bartkewitz and Sven Bettendorf and Thorben Moos and Amir Moradi and Falk Schellenberg},