More Web Proxy on the site http://driver.im/

research-article

TRAITOR: A Low-Cost Evaluation Platform for Multifault Injection

Authors:

Ludovic Claudepierre,

Pierre-Yves Péneau,

Erven RohouAuthors Info & Claims

ASSS '21: Proceedings of the 2021 International Symposium on Advanced Security on Software and Systems

Pages 51 - 56

https://doi.org/10.1145/3457340.3458303

Published: 04 June 2021 Publication History

Abstract

Fault injection is a well-known method to physically attack embedded systems, microcontrollers in particular. It aims to find and exploit vulnerabilities in the hardware to induce malfunction in the software and eventually bypass software security or retrieve sensitive information. We propose a low-cost platform called TRAITOR inducing faults with clock glitches with the capacity to inject numerous and precise bursts of faults. From an evaluation point of view, this platform allows easier and cheaper investigations over complex attacks than costly EMI benches or laser probes.

Supplementary Material

MP4 File (ASS21-asss07s.mp4)

We present a low-cost platform called TRAITOR inducing faults with clock glitches with the capacity to inject numerous and precise bursts of faults. TRAITOR provides to users the possibility to evaluate the security of a microcontroller and its software against multifault attacks

Download
30.59 MB

References

[1]

Josep Balasch, Benedikt Gierlichs, and Ingrid Verbauwhede. An In-Depth and Black-Box Characterization of the Effects of Clock Glitches on 8-bit MCUs. In Workshop on Fault Diagnosis and Tolerance in Cryptography. IEEE, 2011.

Digital Library

[2]

Claudio Bozzato, Riccardo Focardi, and Francesco Palmarini. Shaping the Glitch: Optimizing Voltage Fault Injection Attacks. IACR Transactions on Cryptographic Hardware and Embedded Systems, pages 199--224, 2019.

[3]

Sebanjila K. Bukasa, Ronan Lashermes, Jean-Louis Lanet, and Axel Legay. Let's Shock Our IoT's Heart: ARMv7-M Under (Fault) Attacks. In 13th International Conference on Availability, Reliability and Security, ARES. ACM, 2018.

Digital Library

[4]

L. Claudepierre and P. Besnier. Microcontroller Sensitivity to Fault-Injection Induced by Near-Field Electromagnetic Interference. In Joint International Symposium on Electromagnetic Compatibility, Sapporo and Asia-Pacific International Symposium on Electromagnetic Compatibility (EMC Sapporo/APEMC), 2019.

[5]

Emmanuelle Dottax, Christophe Giraud, Matthieu Rivain, and Yannick Sierra. On Second-Order Fault Analysis Resistance for CRT-RSA Implementations. In IFIP International Workshop on Information Security Theory and Practices, pages 68--83. Springer, 2009.

Digital Library

[6]

Jean-Max Dutertre, Timothé Riom, Olivier Potin, and Jean-Baptiste Rigaud. Experimental Analysis of the Laser-Induced Instruction Skip Fault Model. In Nordic Conference on Secure IT Systems, pages 221--237. Springer, 2019.

[7]

Sho Endo, Naofumi Homma, Yu-ichi Hayashi, Junko Takahashi, Hitoshi Fuji, and Takafumi Aoki. A Multiple-Fault Injection Attack by Adaptive Timing Control Under Black-Box Conditions and a Countermeasure. In International Workshop on Constructive Side-Channel Analysis and Secure Design. Springer, 2014.

[8]

Chong Hee Kim and Jean-Jacques Quisquater. Fault Attacks for CRT Based RSA: New Attacks, New Results and New Countermeasures. In 1st IFIP International Conference on Information Security Theory and Practices: Smart Cards, Mobile and Ubiquitous Computing Systems, WISTP'07. Springer-Verlag, 2007.

Digital Library

[9]

Alexandre Menu, Jean-Max Dutertre, Olivier Potin, Jean-Baptiste Rigaud, and Jean-Luc Danger. Experimental Analysis of the Electromagnetic Instruction Skip Fault Model. In 2020 15th Design & Technology of Integrated Systems in Nanoscale Era (DTIS), pages 1--7. IEEE, 2020.

[10]

Nicolas Moro, Amine Dehbaoui, Karine Heydemann, Bruno Robisson, and Emmanuelle Encrenaz. Electromagnetic Fault Injection: Towards a Fault Model on a 32-bit Microcontroller. In 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography, pages 77--88. IEEE, 2013.

Digital Library

[11]

Pierre-Yves Péneau, Ludovic Claudepierre, Damien Hardy, and Erven Rohou. NOP-Oriented Programming: Should we Care? In European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, September 2020.

[12]

Lionel Rivière, Zakaria Najm, Pablo Rauzy, Jean-Luc Danger, Julien Bringer, and Laurent Sauvage. High Precision Fault Injections on the Instruction Cache of ARMv7-M Architectures. In International Symposium on Hardware Oriented Security and Trust (HOST). IEEE, 2015.

[13]

Sergei P Skorobogatov and Ross J Anderson. Optical Fault Induction Attacks. In Int. workshop on cryptographic hardware and embedded systems. Springer, 2002.

Digital Library

[14]

Niek Timmers, Albert Spruyt, and Marc Witteman. Controlling PC on ARM Using Fault Injection. In Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC). IEEE, 2016.

[15]

Bilgiday Yuce, Nahid Farhady Ghalaty, Harika Santapuri, Chinmay Deshpande, Conor Patrick, and Patrick Schaumont. Software Fault Resistance is Futile: Effective Single-Glitch Attacks. In Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC). IEEE, 2016.

Cited By

Boulifa RDi Natale GMaistri P(2024)Internal State Monitoring in RISC-V Microarchitectures for Security Purpose2024 IEEE 25th Latin American Test Symposium (LATS)10.1109/LATS62223.2024.10534613(1-5)Online publication date: 9-Apr-2024
https://doi.org/10.1109/LATS62223.2024.10534613
Upadhyaya DPolian I(2024)Optimizing Waveform Accurate Fault Attacks Using Formal Methods2024 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT)10.1109/DFT63277.2024.10753549(1-6)Online publication date: 8-Oct-2024
https://doi.org/10.1109/DFT63277.2024.10753549
Esmaeilian MBeitollahi H(2024)Experimental evaluation of RISC-V micro-architecture against fault injection attackMicroprocessors and Microsystems10.1016/j.micpro.2023.104991104(104991)Online publication date: Feb-2024
https://doi.org/10.1016/j.micpro.2023.104991
Show More Cited By

Index Terms

TRAITOR: A Low-Cost Evaluation Platform for Multifault Injection
1. Security and privacy
  1. Security in hardware
    1. Hardware attacks and countermeasures

Recommendations

A Low-cost Function Call Protection Mechanism Against Instruction Skip Fault Attacks
ASHES '18: Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security

Fault attack is a known, dangerous threat to secure embedded systems. Function calls, including system calls, are particularly important but weak links for the integration of security components in a crypto-system. Function calls are vulnerable to an ...
Characterizing and Modeling Synchronous Clock-Glitch Fault Injection
Constructive Side-Channel Analysis and Secure Design
Abstract
In the realm of fault injection (FI), electromagnetic fault injection (EMFI) attacks have garnered significant attention, particularly for their effectiveness against embedded systems with minimal setup. These attacks exploit vulnerabilities with ...
Constructing software countermeasures against instruction manipulation attacks: an approach based on vulnerability evaluation using fault simulator
Abstract
Fault injection attacks (FIA), which cause information leakage by injecting intentional faults into the data or operations of devices, are one of the most powerful methods compromising the security of confidential data stored on these devices. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ASSS '21: Proceedings of the 2021 International Symposium on Advanced Security on Software and Systems

June 2021

62 pages

ISBN:9781450384032

DOI:10.1145/3457340

Program Chairs:
Weizhi Meng
Technical University of Denmark, Denmark
,
Li Li
Monash University, Australia

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 June 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ASIA CCS '21

Sponsor:

SIGSAC

ASIA CCS '21: ACM Asia Conference on Computer and Communications Security

June 7, 2021

Virtual Event, Hong Kong

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
86
Total Downloads

Downloads (Last 12 months)31
Downloads (Last 6 weeks)7

Reflects downloads up to 12 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Boulifa RDi Natale GMaistri P(2024)Internal State Monitoring in RISC-V Microarchitectures for Security Purpose2024 IEEE 25th Latin American Test Symposium (LATS)10.1109/LATS62223.2024.10534613(1-5)Online publication date: 9-Apr-2024
https://doi.org/10.1109/LATS62223.2024.10534613
Upadhyaya DPolian I(2024)Optimizing Waveform Accurate Fault Attacks Using Formal Methods2024 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT)10.1109/DFT63277.2024.10753549(1-6)Online publication date: 8-Oct-2024
https://doi.org/10.1109/DFT63277.2024.10753549
Esmaeilian MBeitollahi H(2024)Experimental evaluation of RISC-V micro-architecture against fault injection attackMicroprocessors and Microsystems10.1016/j.micpro.2023.104991104(104991)Online publication date: Feb-2024
https://doi.org/10.1016/j.micpro.2023.104991
Faour SVučinić MMaksimovic FBurnett DMuhlethaler PWatteyne TPister K(2023)Implications of Physical Fault Injections on Single Chip Motes2023 IEEE 9th World Forum on Internet of Things (WF-IoT)10.1109/WF-IoT58464.2023.10539380(1-6)Online publication date: 12-Oct-2023
https://doi.org/10.1109/WF-IoT58464.2023.10539380
Ebrahimabadi MMehjabin SViera RGuilley SDanger JDutertre JKarimi N(2023)DELFINES: Detecting Laser Fault Injection Attacks via Digital SensorsIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2023.332262343:3(774-787)Online publication date: 6-Oct-2023
https://dl.acm.org/doi/10.1109/TCAD.2023.3322623
Tollec SAsavoae MCourousse DHeydemann KJan M(2022)Exploration of Fault Effects on Formal RISC-V Microarchitecture Models2022 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)10.1109/FDTC57191.2022.00017(73-83)Online publication date: Sep-2022
https://doi.org/10.1109/FDTC57191.2022.00017
Breier JHou X(2022)How Practical Are Fault Injection Attacks, Really?IEEE Access10.1109/ACCESS.2022.321721210(113122-113130)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3217212
Shrivastwa RGuilley SDanger J(2021)Multi-source Fault Injection Detection Using Machine Learning and Sensor FusionSecurity and Privacy10.1007/978-3-030-90553-8_7(93-107)Online publication date: 9-Nov-2021
https://doi.org/10.1007/978-3-030-90553-8_7

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents