International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Divided We Stand, United We Fall: Security Analysis of Some SCA+SIFA Countermeasures Against SCA-Enhanced Fault Template Attacks

Authors:
Sayandeep Saha , Indian Institute of Technology, Kharagpur
Arnab Bag , Indian Institute of Technology, Kharagpur
Dirmanto Jap , Temasek Labs, Nanyang Technological University, Singapore
Debdeep Mukhopadhyay , Indian Institute of Technology, Kharagpur
Shivam Bhasin , Temasek Labs, Nanyang Technological University, Singapore
Download:
DOI: 10.1007/978-3-030-92075-3_3
Search ePrint
Search Google
Presentation: Slides
Conference: ASIACRYPT 2021
Abstract: Protection against side-channel (SCA) and fault attacks (FA) requires two classes of countermeasures to be simultaneously embedded in a cryptographic implementation. It has already been shown that a straightforward combination of SCA and FA countermeasures are vul- nerable against FAs, such as Statistical Ineffective Fault Analysis (SIFA) and Fault Template Attacks (FTA). Consequently, new classes of countermeasures have been proposed which prevent against SIFA, and also includes masking for SCA protection. While they are secure against SIFA and SCA individually, one important question is whether the security claim still holds at the presence of a combined SCA and FA adversary. Security against combined attacks is, however, desired, as countermeasures for both threats are included in such implementations. In this paper, we show that some of the recently proposed combined SIFA and SCA countermeasures fall prey against combined attacks. To this end, we enhance the FTA attacks by considering side-channel information during fault injection. The success of the proposed attacks stems from some non-trivial fault propagation properties of S-Boxes, which remains unexplored in the original FTA proposal. The proposed attacks are validated on an open-source software implementation of Keccak with SIFA-protected χ 5 S-Box with laser fault injection and power measurement, and a hardware implementation of a SIFA-protected χ3 S-Box through gate-level power trace simulation. Finally, we discuss some mitigation strategies to strengthen existing countermeasures.
Video from ASIACRYPT 2021
BibTeX
@inproceedings{asiacrypt-2021-31463,
  title={Divided We Stand, United We Fall: Security Analysis of Some SCA+SIFA Countermeasures Against SCA-Enhanced Fault Template Attacks},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-030-92075-3_3},
  author={Sayandeep Saha and Arnab Bag and Dirmanto Jap and Debdeep Mukhopadhyay and Shivam Bhasin},
  year=2021
}