Persistent Fault Attack in Practice

Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully inve...
Ausführliche Beschreibung

Gespeichert in:

Autor*in:	Fan Zhang [verfasserIn] Yiran Zhang [verfasserIn] Huilong Jiang [verfasserIn] Xiang Zhu [verfasserIn] Shivam Bhasin [verfasserIn] Xinjie Zhao [verfasserIn] Zhe Liu [verfasserIn] Dawu Gu [verfasserIn] Kui Ren [verfasserIn]

Format:	E-Artikel
Sprache:	Englisch

Erschienen:	2020

Schlagwörter:	PFA Fault Injection SRAM MLE AES PRESENT

Übergeordnetes Werk:	In: Transactions on Cryptographic Hardware and Embedded Systems - Ruhr-Universität Bochum, 2020, (2020), 2
Übergeordnetes Werk:	year:2020 ; number:2

Links:	Link aufrufen Link aufrufen Link aufrufen Journal toc

DOI / URN:	10.13154/tches.v2020.i2.172-195

Katalog-ID:	DOAJ004126378

Internformat


LEADER	01000caa a22002652 4500
001	DOAJ004126378
003	DE-627
005	20230309182237.0
007	cr uuu---uuuuu
008	230225s2020 xx \|\|\|\|\|o 00\| \|\|eng c
024	7		\|a 10.13154/tches.v2020.i2.172-195 \|2 doi
035			\|a (DE-627)DOAJ004126378
035			\|a (DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1
040			\|a DE-627 \|b ger \|c DE-627 \|e rakwb
041			\|a eng
050		0	\|a TK7885-7895
050		0	\|a T58.5-58.64
100	0		\|a Fan Zhang \|e verfasserin \|4 aut
245	1	0	\|a Persistent Fault Attack in Practice
264		1	\|c 2020
336			\|a Text \|b txt \|2 rdacontent
337			\|a Computermedien \|b c \|2 rdamedia
338			\|a Online-Ressource \|b cr \|2 rdacarrier
520			\|a Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers.
650		4	\|a PFA
650		4	\|a Fault Injection
650		4	\|a SRAM
650		4	\|a MLE
650		4	\|a AES
650		4	\|a PRESENT
653		0	\|a Computer engineering. Computer hardware
653		0	\|a Information technology
700	0		\|a Yiran Zhang \|e verfasserin \|4 aut
700	0		\|a Huilong Jiang \|e verfasserin \|4 aut
700	0		\|a Xiang Zhu \|e verfasserin \|4 aut
700	0		\|a Shivam Bhasin \|e verfasserin \|4 aut
700	0		\|a Xinjie Zhao \|e verfasserin \|4 aut
700	0		\|a Zhe Liu \|e verfasserin \|4 aut
700	0		\|a Dawu Gu \|e verfasserin \|4 aut
700	0		\|a Kui Ren \|e verfasserin \|4 aut
773	0	8	\|i In \|t Transactions on Cryptographic Hardware and Embedded Systems \|d Ruhr-Universität Bochum, 2020 \|g (2020), 2 \|w (DE-627)101491387X \|x 25692925 \|7 nnns
773	1	8	\|g year:2020 \|g number:2
856	4	0	\|u https://doi.org/10.13154/tches.v2020.i2.172-195 \|z kostenfrei
856	4	0	\|u https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1 \|z kostenfrei
856	4	0	\|u https://tches.iacr.org/index.php/TCHES/article/view/8548 \|z kostenfrei
856	4	2	\|u https://doaj.org/toc/2569-2925 \|y Journal toc \|z kostenfrei
912			\|a GBV_USEFLAG_A
912			\|a SYSFLAG_A
912			\|a GBV_DOAJ
912			\|a GBV_ILN_11
912			\|a GBV_ILN_20
912			\|a GBV_ILN_22
912			\|a GBV_ILN_23
912			\|a GBV_ILN_24
912			\|a GBV_ILN_31
912			\|a GBV_ILN_39
912			\|a GBV_ILN_40
912			\|a GBV_ILN_60
912			\|a GBV_ILN_62
912			\|a GBV_ILN_63
912			\|a GBV_ILN_65
912			\|a GBV_ILN_69
912			\|a GBV_ILN_70
912			\|a GBV_ILN_73
912			\|a GBV_ILN_95
912			\|a GBV_ILN_105
912			\|a GBV_ILN_110
912			\|a GBV_ILN_151
912			\|a GBV_ILN_161
912			\|a GBV_ILN_170
912			\|a GBV_ILN_213
912			\|a GBV_ILN_230
912			\|a GBV_ILN_267
912			\|a GBV_ILN_285
912			\|a GBV_ILN_293
912			\|a GBV_ILN_370
912			\|a GBV_ILN_602
912			\|a GBV_ILN_2014
912			\|a GBV_ILN_4012
912			\|a GBV_ILN_4037
912			\|a GBV_ILN_4112
912			\|a GBV_ILN_4125
912			\|a GBV_ILN_4126
912			\|a GBV_ILN_4249
912			\|a GBV_ILN_4305
912			\|a GBV_ILN_4306
912			\|a GBV_ILN_4307
912			\|a GBV_ILN_4313
912			\|a GBV_ILN_4322
912			\|a GBV_ILN_4323
912			\|a GBV_ILN_4324
912			\|a GBV_ILN_4325
912			\|a GBV_ILN_4326
912			\|a GBV_ILN_4335
912			\|a GBV_ILN_4338
912			\|a GBV_ILN_4367
912			\|a GBV_ILN_4700
951			\|a AR
952			\|j 2020 \|e 2

Indexfelder

author_variant	f z fz y z yz h j hj x z xz s b sb x z xz z l zl d g dg k r kr
matchkey_str	article:25692925:2020----::essetalatc
hierarchy_sort_str	2020
callnumber-subject-code	TK
publishDate	2020
allfields	10.13154/tches.v2020.i2.172-195 doi (DE-627)DOAJ004126378 (DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1 DE-627 ger DE-627 rakwb eng TK7885-7895 T58.5-58.64 Fan Zhang verfasserin aut Persistent Fault Attack in Practice 2020 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers. PFA Fault Injection SRAM MLE AES PRESENT Computer engineering. Computer hardware Information technology Yiran Zhang verfasserin aut Huilong Jiang verfasserin aut Xiang Zhu verfasserin aut Shivam Bhasin verfasserin aut Xinjie Zhao verfasserin aut Zhe Liu verfasserin aut Dawu Gu verfasserin aut Kui Ren verfasserin aut In Transactions on Cryptographic Hardware and Embedded Systems Ruhr-Universität Bochum, 2020 (2020), 2 (DE-627)101491387X 25692925 nnns year:2020 number:2 https://doi.org/10.13154/tches.v2020.i2.172-195 kostenfrei https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1 kostenfrei https://tches.iacr.org/index.php/TCHES/article/view/8548 kostenfrei https://doaj.org/toc/2569-2925 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2020 2
spelling	10.13154/tches.v2020.i2.172-195 doi (DE-627)DOAJ004126378 (DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1 DE-627 ger DE-627 rakwb eng TK7885-7895 T58.5-58.64 Fan Zhang verfasserin aut Persistent Fault Attack in Practice 2020 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers. PFA Fault Injection SRAM MLE AES PRESENT Computer engineering. Computer hardware Information technology Yiran Zhang verfasserin aut Huilong Jiang verfasserin aut Xiang Zhu verfasserin aut Shivam Bhasin verfasserin aut Xinjie Zhao verfasserin aut Zhe Liu verfasserin aut Dawu Gu verfasserin aut Kui Ren verfasserin aut In Transactions on Cryptographic Hardware and Embedded Systems Ruhr-Universität Bochum, 2020 (2020), 2 (DE-627)101491387X 25692925 nnns year:2020 number:2 https://doi.org/10.13154/tches.v2020.i2.172-195 kostenfrei https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1 kostenfrei https://tches.iacr.org/index.php/TCHES/article/view/8548 kostenfrei https://doaj.org/toc/2569-2925 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2020 2
allfields_unstemmed	10.13154/tches.v2020.i2.172-195 doi (DE-627)DOAJ004126378 (DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1 DE-627 ger DE-627 rakwb eng TK7885-7895 T58.5-58.64 Fan Zhang verfasserin aut Persistent Fault Attack in Practice 2020 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers. PFA Fault Injection SRAM MLE AES PRESENT Computer engineering. Computer hardware Information technology Yiran Zhang verfasserin aut Huilong Jiang verfasserin aut Xiang Zhu verfasserin aut Shivam Bhasin verfasserin aut Xinjie Zhao verfasserin aut Zhe Liu verfasserin aut Dawu Gu verfasserin aut Kui Ren verfasserin aut In Transactions on Cryptographic Hardware and Embedded Systems Ruhr-Universität Bochum, 2020 (2020), 2 (DE-627)101491387X 25692925 nnns year:2020 number:2 https://doi.org/10.13154/tches.v2020.i2.172-195 kostenfrei https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1 kostenfrei https://tches.iacr.org/index.php/TCHES/article/view/8548 kostenfrei https://doaj.org/toc/2569-2925 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2020 2
allfieldsGer	10.13154/tches.v2020.i2.172-195 doi (DE-627)DOAJ004126378 (DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1 DE-627 ger DE-627 rakwb eng TK7885-7895 T58.5-58.64 Fan Zhang verfasserin aut Persistent Fault Attack in Practice 2020 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers. PFA Fault Injection SRAM MLE AES PRESENT Computer engineering. Computer hardware Information technology Yiran Zhang verfasserin aut Huilong Jiang verfasserin aut Xiang Zhu verfasserin aut Shivam Bhasin verfasserin aut Xinjie Zhao verfasserin aut Zhe Liu verfasserin aut Dawu Gu verfasserin aut Kui Ren verfasserin aut In Transactions on Cryptographic Hardware and Embedded Systems Ruhr-Universität Bochum, 2020 (2020), 2 (DE-627)101491387X 25692925 nnns year:2020 number:2 https://doi.org/10.13154/tches.v2020.i2.172-195 kostenfrei https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1 kostenfrei https://tches.iacr.org/index.php/TCHES/article/view/8548 kostenfrei https://doaj.org/toc/2569-2925 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2020 2
allfieldsSound	10.13154/tches.v2020.i2.172-195 doi (DE-627)DOAJ004126378 (DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1 DE-627 ger DE-627 rakwb eng TK7885-7895 T58.5-58.64 Fan Zhang verfasserin aut Persistent Fault Attack in Practice 2020 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers. PFA Fault Injection SRAM MLE AES PRESENT Computer engineering. Computer hardware Information technology Yiran Zhang verfasserin aut Huilong Jiang verfasserin aut Xiang Zhu verfasserin aut Shivam Bhasin verfasserin aut Xinjie Zhao verfasserin aut Zhe Liu verfasserin aut Dawu Gu verfasserin aut Kui Ren verfasserin aut In Transactions on Cryptographic Hardware and Embedded Systems Ruhr-Universität Bochum, 2020 (2020), 2 (DE-627)101491387X 25692925 nnns year:2020 number:2 https://doi.org/10.13154/tches.v2020.i2.172-195 kostenfrei https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1 kostenfrei https://tches.iacr.org/index.php/TCHES/article/view/8548 kostenfrei https://doaj.org/toc/2569-2925 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2020 2
language	English
source	In Transactions on Cryptographic Hardware and Embedded Systems (2020), 2 year:2020 number:2
sourceStr	In Transactions on Cryptographic Hardware and Embedded Systems (2020), 2 year:2020 number:2
format_phy_str_mv	Article
institution	findex.gbv.de
topic_facet	PFA Fault Injection SRAM MLE AES PRESENT Computer engineering. Computer hardware Information technology
isfreeaccess_bool	true
container_title	Transactions on Cryptographic Hardware and Embedded Systems
authorswithroles_txt_mv	Fan Zhang @@aut@@ Yiran Zhang @@aut@@ Huilong Jiang @@aut@@ Xiang Zhu @@aut@@ Shivam Bhasin @@aut@@ Xinjie Zhao @@aut@@ Zhe Liu @@aut@@ Dawu Gu @@aut@@ Kui Ren @@aut@@
publishDateDaySort_date	2020-01-01T00:00:00Z
hierarchy_top_id	101491387X
id	DOAJ004126378
language_de	englisch
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">DOAJ004126378</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230309182237.0</controlfield><controlfield tag="007">cr uuu---uuuuu</controlfield><controlfield tag="008">230225s2020 xx \|\|\|\|\|o 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.13154/tches.v2020.i2.172-195</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)DOAJ004126378</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">TK7885-7895</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">T58.5-58.64</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Fan Zhang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Persistent Fault Attack in Practice</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2020</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">Computermedien</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Online-Ressource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">PFA</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Fault Injection</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">SRAM</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">MLE</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">AES</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">PRESENT</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Computer engineering. Computer hardware</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Information technology</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Yiran Zhang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Huilong Jiang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Xiang Zhu</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Shivam Bhasin</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Xinjie Zhao</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Zhe Liu</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Dawu Gu</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Kui Ren</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">In</subfield><subfield code="t">Transactions on Cryptographic Hardware and Embedded Systems</subfield><subfield code="d">Ruhr-Universität Bochum, 2020</subfield><subfield code="g">(2020), 2</subfield><subfield code="w">(DE-627)101491387X</subfield><subfield code="x">25692925</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">year:2020</subfield><subfield code="g">number:2</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doi.org/10.13154/tches.v2020.i2.172-195</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://tches.iacr.org/index.php/TCHES/article/view/8548</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="u">https://doaj.org/toc/2569-2925</subfield><subfield code="y">Journal toc</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_DOAJ</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_11</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_20</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_22</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_23</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_24</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_31</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_39</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_40</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_60</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_62</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_63</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_65</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_69</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_73</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_95</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_105</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_110</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_151</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_161</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_170</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_213</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_230</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_267</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_285</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_293</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_370</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_602</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2014</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4012</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4037</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4112</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4125</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4126</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4249</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4305</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4306</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4307</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4313</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4322</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4323</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4324</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4325</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4326</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4335</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4338</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4367</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4700</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="j">2020</subfield><subfield code="e">2</subfield></datafield></record></collection>
callnumber-first	T - Technology
author	Fan Zhang
spellingShingle	Fan Zhang misc TK7885-7895 misc T58.5-58.64 misc PFA misc Fault Injection misc SRAM misc MLE misc AES misc PRESENT misc Computer engineering. Computer hardware misc Information technology Persistent Fault Attack in Practice
authorStr	Fan Zhang
ppnlink_with_tag_str_mv	@@773@@(DE-627)101491387X
format	electronic Article
delete_txt_mv	keep
author_role	aut aut aut aut aut aut aut aut aut
collection	DOAJ
remote_str	true
callnumber-label	TK7885-7895
illustrated	Not Illustrated
issn	25692925
topic_title	TK7885-7895 T58.5-58.64 Persistent Fault Attack in Practice PFA Fault Injection SRAM MLE AES PRESENT
topic	misc TK7885-7895 misc T58.5-58.64 misc PFA misc Fault Injection misc SRAM misc MLE misc AES misc PRESENT misc Computer engineering. Computer hardware misc Information technology
topic_unstemmed	misc TK7885-7895 misc T58.5-58.64 misc PFA misc Fault Injection misc SRAM misc MLE misc AES misc PRESENT misc Computer engineering. Computer hardware misc Information technology
topic_browse	misc TK7885-7895 misc T58.5-58.64 misc PFA misc Fault Injection misc SRAM misc MLE misc AES misc PRESENT misc Computer engineering. Computer hardware misc Information technology
format_facet	Elektronische Aufsätze Aufsätze Elektronische Ressource
format_main_str_mv	Text Zeitschrift/Artikel
carriertype_str_mv	cr
hierarchy_parent_title	Transactions on Cryptographic Hardware and Embedded Systems
hierarchy_parent_id	101491387X
hierarchy_top_title	Transactions on Cryptographic Hardware and Embedded Systems
isfreeaccess_txt	true
familylinks_str_mv	(DE-627)101491387X
title	Persistent Fault Attack in Practice
ctrlnum	(DE-627)DOAJ004126378 (DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1
title_full	Persistent Fault Attack in Practice
author_sort	Fan Zhang
journal	Transactions on Cryptographic Hardware and Embedded Systems
journalStr	Transactions on Cryptographic Hardware and Embedded Systems
callnumber-first-code	T
lang_code	eng
isOA_bool	true
recordtype	marc
publishDateSort	2020
contenttype_str_mv	txt
author_browse	Fan Zhang Yiran Zhang Huilong Jiang Xiang Zhu Shivam Bhasin Xinjie Zhao Zhe Liu Dawu Gu Kui Ren
class	TK7885-7895 T58.5-58.64
format_se	Elektronische Aufsätze
author-letter	Fan Zhang
doi_str_mv	10.13154/tches.v2020.i2.172-195
author2-role	verfasserin
title_sort	persistent fault attack in practice
callnumber	TK7885-7895
title_auth	Persistent Fault Attack in Practice
abstract	Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers.
abstractGer	Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers.
abstract_unstemmed	Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers.
collection_details	GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700
container_issue	2
title_short	Persistent Fault Attack in Practice
url	https://doi.org/10.13154/tches.v2020.i2.172-195 https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1 https://tches.iacr.org/index.php/TCHES/article/view/8548 https://doaj.org/toc/2569-2925
remote_bool	true
author2	Yiran Zhang Huilong Jiang Xiang Zhu Shivam Bhasin Xinjie Zhao Zhe Liu Dawu Gu Kui Ren
author2Str	Yiran Zhang Huilong Jiang Xiang Zhu Shivam Bhasin Xinjie Zhao Zhe Liu Dawu Gu Kui Ren
ppnlink	101491387X
callnumber-subject	TK - Electrical and Nuclear Engineering
mediatype_str_mv	c
isOA_txt	true
hochschulschrift_bool	false
doi_str	10.13154/tches.v2020.i2.172-195
callnumber-a	TK7885-7895
up_date	2024-07-03T22:07:04.836Z
_version_	1803597302818930688
fullrecord_marcxml	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">DOAJ004126378</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230309182237.0</controlfield><controlfield tag="007">cr uuu---uuuuu</controlfield><controlfield tag="008">230225s2020 xx \|\|\|\|\|o 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.13154/tches.v2020.i2.172-195</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)DOAJ004126378</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)DOAJ05b00fadf66a4f46b222f2ed345ab6c1</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">TK7885-7895</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">T58.5-58.64</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Fan Zhang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Persistent Fault Attack in Practice</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2020</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">Computermedien</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Online-Ressource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Persistence fault analysis (PFA) is a novel fault analysis technique proposed in CHES 2018 and demonstrated with rowhammer-based fault injections. However, whether such analysis can be applied to traditional fault attack scenario, together with its difficulty in practice, has not been carefully investigated. For the first time, a persistent fault attack is conducted on an unprotected AES implemented on ATmega163L microcontroller in this paper. Several critical challenges are solved with our new improvements, including (1) how to decide whether the fault is injected in SBox; (2) how to use the maximum likelihood estimation to pursue the minimum number of ciphertexts; (3) how to utilize the unknown fault in SBox to extract the key. Our experiments show that: to break AES with physical laser injections despite all these challenges, the minimum and average number of required ciphertexts are 926 and 1641, respectively. It is about 38% and 28% reductions of the ciphertexts required in comparison to 1493 and 2273 in previous work where both fault value and location have to be known. Furthermore, our analysis is extended to the PRESENT cipher. By applying the persistent fault analysis to the penultimate round, the full PRESENT key of 80 bits can be recovered. Eventually, an experimental validation is performed to confirm the accuracy of our attack with more insights. This paper solves the challenges in most aspects of practice and also demonstrates the feasibility and universality of PFA on SPN block ciphers.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">PFA</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Fault Injection</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">SRAM</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">MLE</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">AES</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">PRESENT</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Computer engineering. Computer hardware</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Information technology</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Yiran Zhang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Huilong Jiang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Xiang Zhu</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Shivam Bhasin</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Xinjie Zhao</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Zhe Liu</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Dawu Gu</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Kui Ren</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">In</subfield><subfield code="t">Transactions on Cryptographic Hardware and Embedded Systems</subfield><subfield code="d">Ruhr-Universität Bochum, 2020</subfield><subfield code="g">(2020), 2</subfield><subfield code="w">(DE-627)101491387X</subfield><subfield code="x">25692925</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">year:2020</subfield><subfield code="g">number:2</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doi.org/10.13154/tches.v2020.i2.172-195</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doaj.org/article/05b00fadf66a4f46b222f2ed345ab6c1</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://tches.iacr.org/index.php/TCHES/article/view/8548</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="u">https://doaj.org/toc/2569-2925</subfield><subfield code="y">Journal toc</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_DOAJ</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_11</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_20</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_22</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_23</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_24</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_31</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_39</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_40</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_60</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_62</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_63</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_65</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_69</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_73</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_95</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_105</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_110</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_151</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_161</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_170</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_213</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_230</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_267</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_285</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_293</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_370</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_602</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2014</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4012</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4037</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4112</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4125</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4126</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4249</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4305</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4306</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4307</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4313</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4322</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4323</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4324</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4325</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4326</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4335</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4338</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4367</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4700</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="j">2020</subfield><subfield code="e">2</subfield></datafield></record></collection>
score	7.4005365

Nicht das Richtige dabei?

Schreiben Sie uns!

Persistent Fault Attack in Practice

Nicht das Richtige dabei?

Zugang & Verfügbarkeit

Vorhandene Bände

Nicht das Richtige dabei?