Title: Securing Cryptographic Hardware against Fault Attacks (Het beveiligen van cryptografische hardware tegen foutaanvallen)
Other Titles: Securing Cryptographic Hardware against Fault Attacks
Authors: Karaklajic, Dusko; S0206559
Issue Date: 11-Dec-2012
Abstract: This research provides a set of methods, tools and design guidelines that help a designer to construct an embedded device that is secure against fault attacks. The main idea behind fault attacks is to disturb the normal operation of a cryptographic embedded device by applying some form of physical stress in order to collect the faulty outputs and exploit them to reveal the secret data. Security against fault attacks is today an important requirement when overall security of an embedded device is evaluated.The first part of the thesis analyzes how a fault can be injected in a device, which parts of the device can be the target of a fault attack, and how the faulty computation is exploited to reveal the secret data. Further, we analyze the existing countermeasures against fault attacks, discuss their effectiveness against different classes of attacks and estimate their area and performance overhead. Such analysis serves as a motivation for the rest of the thesis. The second part of the thesis is devoted to protection against so-called safe-error attacks. We present a design flow that takes a cryptographic algorithm as the input and results in the implementation that is secure against this particular type of fault attacks. We develop a method that checks the security of a design at both algorithmic and register-transfer design abstraction level, thus ensuring that a possible vulnerability is detected at an early stage of the design process. Such approach significantly reduces the time to a secure device. The next part of the thesis presents a low-cost protection method against differential fault attacks on elliptic curve cryptography (ECC). Considering the standard design choices for the constrained ECCimplementation, we develop the countermeasure that introduces minimal performance and area overhead.Finally, the last part of the thesis presents a secure testing scheme for cryptographic System-on-Chips (SoCs). By re-using the existing modular multiplier, we develop the complete Built-In Self-Test (BIST)infrastructure used to test the other security-sensitive components in the cryptographic SoC. Such approach provides a secure testing scheme at the minimal cos
Publication status: published
KU Leuven publication type: TH
Appears in Collections:ESAT - COSIC, Computer Security and Industrial Cryptography (+)

Files in This Item:
File Status SizeFormat
phdDusko.pdf Published 2908KbAdobe PDFView/Open Request a copy

These files are only available to some KU Leuven Association staff members


All items in Lirias are protected by copyright, with all rights reserved.