Feeding Three Birds With One Scone: A Generic Duplication Based Countermeasure To Fault Attacks
Anubhab Baksi1,a, Shivam Bhasin1,b, Jakub Breier2, Anupam Chattopadhyay1,c, Vinay B. Y. Kumar1,d
1Nanyang Technological University, Singapore
aanubhab001@e.ntu.edu.sg
bsbhasin@ntu.edu.sg
canupam@ntu.edu.sg
dvinayby@iitbombay.org
2Silicon Austria Labs, Graz, Austria
jbreier@jbreier.com
ABSTRACT
In the current world of the Internet-of-things and edge computing, computations are increasingly performed locally on small connected systems. As such, those devices are often vulnerable to adversarial physical access, enabling a plethora of physical attacks which is a challenge even if such devices are built for security.
As cryptography is one of the cornerstones of secure communication among devices, the pertinence of fault attacks is becoming increasingly apparent in a setting where a device can be easily accessed in a physical manner. In particular, two recently proposed fault attacks, Statistical Ineffective Fault Attack (SIFA) and the Fault Template Attack (FTA) are shown to be formidable due to their capability to bypass the common duplication based countermeasures. Duplication based countermeasures, deployed to counter the Differential Fault Attack (DFA), work by duplicating the execution of the cipher followed by a comparison to sense the presence of any effective fault, followed by an appropriate recovery procedure. While a handful of countermeasures are proposed against SIFA, no such countermeasure is known to thwart FTA to date.
Keywords: Fault Attack, Countermeasures, DFA, SIFA, FTA.