Synthesis of Fault Attacks on Cryptographic Implementations

Abstract : Fault attacks are attacks in which an adversary with physical access to a cryptographic device, say a smartcard, tampers with the execution of an algorithm to retrieve secret mate-rial. Since the seminal Bellcore attack on modular exponen-tiation, there has been extensive work to discover new fault attacks against cryptographic schemes and develop counter-measures against such attacks. Originally focused on high-level algorithmic descriptions, these efforts increasingly fo-cus on concrete implementations. While lowering the ab-straction level leads to new fault attacks, it also makes their discovery significantly more challenging. In order to face this trend, it is therefore desirable to develop principled, tool-supported approaches that allow a systematic analy-sis of the security of cryptographic implementations against fault attacks. We propose, implement, and evaluate a new approach for finding fault attacks against cryptographic implementa-tions. Our approach is based on identifying implementation-independent mathematical properties, or fault conditions. We choose fault conditions so that it is possible to recover secret data purely by computing on sufficiently many data points that satisfy them. Fault conditions capture the essence of a large number of attacks from the literature, including lattice-based attacks on RSA. Moreover, they provide a ba-sis for discovering automatically new attacks: using fault conditions, we specify the problem of finding faulted imple-mentations as a program synthesis problem. Using a special-ized form of program synthesis, we discover multiple faulted attacks on RSA and ECDSA. Several of the attacks found by our tool are new, and of independent interest.
Type de document :
Communication dans un congrès
ACM CCS 2014, Nov 2014, Scottsdale, United States. ACM, pp.16, 2014, ACM SIGSAC Conference on Computer and Communications Security. 〈http://www.sigsac.org/ccs/CCS2014/〉. 〈10.1145/2660267.2660304〉
Liste complète des métadonnées

Littérature citée [45 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01094034
Contributeur : Pierre-Alain Fouque <>
Soumis le : jeudi 11 décembre 2014 - 15:22:36
Dernière modification le : mardi 16 janvier 2018 - 15:54:26
Document(s) archivé(s) le : samedi 15 avril 2017 - 07:24:20

Fichier

paper.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Citation

Gilles Barthe, François Dupressoir, Pierre-Alain Fouque, Benjamin Grégoire, Jean-Christophe Zapalowicz. Synthesis of Fault Attacks on Cryptographic Implementations. ACM CCS 2014, Nov 2014, Scottsdale, United States. ACM, pp.16, 2014, ACM SIGSAC Conference on Computer and Communications Security. 〈http://www.sigsac.org/ccs/CCS2014/〉. 〈10.1145/2660267.2660304〉. 〈hal-01094034〉

Partager

Métriques

Consultations de la notice

215

Téléchargements de fichiers

141