Learn from Your Faults: Leakage Assessment in Fault Attacks Using Deep Learning
Generic vulnerability assessment of cipher implementations against Fault Attacks (FA) is a largely unexplored research area. Security assessment against FA is critical for FA countermeasures. On several occasions, countermeasures fail to fulfil their sole purpose of preventing FA due to flawed desig...
Gespeichert in:
Veröffentlicht in: | Journal of cryptology 2023-07, Vol.36 (3), Article 19 |
---|---|
Hauptverfasser: | , , , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | Generic vulnerability assessment of cipher implementations against Fault Attacks (FA) is a largely unexplored research area. Security assessment against FA is critical for FA countermeasures. On several occasions, countermeasures fail to fulfil their sole purpose of preventing FA due to flawed design or implementation. This paper proposes a generic, simulation-based, statistical yes/no experiment for evaluating fault-assisted information leakage based on the principle of
non-interference
. It builds on an initial idea called ALAFA that utilizes
t
-test and its higher-order variants for detecting leakage at different moments of ciphertext distributions. In this paper, we improve this idea with a Deep Learning (DL)-based leakage detection test. The DL-based detection test is not specific to only moment-based leakages. It thus can expose leakages in several cases where
t
-test-based technique demands a prohibitively large number of ciphertexts. Further, we present two generalizations of the leakage assessment experiment—one for evaluating against the statistical ineffective fault model and another for assessing fault-induced leakages originating from “non-cryptographic” peripheral components of a security module. Finally, we explore techniques for efficiently covering the fault space of a block cipher by exploiting logic-level and cipher-level fault equivalences. The efficacy of our proposals has been evaluated on a rich test suite of hardened implementations, including an open-source Statistical Ineffective Fault Attack countermeasure and a hardware security module called Secured-Hardware-Extension. |
---|---|
ISSN: | 0933-2790 1432-1378 |
DOI: | 10.1007/s00145-023-09462-6 |