International Association for Cryptologic Research

International Association
for Cryptologic Research

Transactions on Cryptographic Hardware and Embedded Systems, Volume 2021

FIVER – Robust Verification of Countermeasures against Fault Injections


Jan Richter-Brockmann
Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany

Aein Rezaei Shahmirzadi
Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany

Pascal Sasdrich
Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany

Amir Moradi
Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany

Tim Güneysu
Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany; DFKI, Bremen, Germany


Keywords: FIA, Fault Verification, Formal Verification, BDD, Symbolic Simulation


Abstract

Fault Injection Analysis is seen as a powerful attack against implementations of cryptographic algorithms. Over the last two decades, researchers proposed a plethora of countermeasures to secure such implementations. However, the design process and implementation are still error-prone, complex, and manual tasks which require long-standing experience in hardware design and physical security. Moreover, the validation of the claimed security is often only done by empirical testing in a very late stage of the design process. To prevent such empirical testing strategies, approaches based on formal verification are applied instead providing the designer early feedback.

In this work, we present a fault verification framework to validate the security of countermeasures against fault-injection attacks designed for ICs. The verification framework works on netlist-level, parses the given digital circuit into a model based on Binary Decision Diagrams, and performs symbolic fault injections. This verification approach constitutes a novel strategy to evaluate protected hardware designs against fault injections offering new opportunities as performing full analyses under a given fault models.

Eventually, we apply the proposed verification framework to real-world implementations of well-established countermeasures against fault-injection attacks. Here, we consider protected designs of the lightweight ciphers CRAFT and LED-64 as well as AES. Due to several optimization strategies, our tool is able to perform more than 90 million fault injections in a single-round CRAFT design and evaluate the security in under 50 min while the symbolic simulation approach considers all 2128 primary inputs.

Publication

Transactions of Cryptographic Hardware and Embedded Systems, Volume 2021, Issue 4

Paper

Artifact

Artifact number
tches/2021/a16

Artifact published
September 10, 2021

README

ZIP (7.6 MB)  

View on Github

License


BibTeX How to cite

Richter-Brockmann, J., Rezaei Shahmirzadi, A., Sasdrich, P., Moradi, A., & Güneysu, T. (2021). FIVER – Robust Verification of Countermeasures against Fault Injections. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2021(4), 447–473. https://doi.org/10.46586/tches.v2021.i4.447-473. Artifact at https://artifacts.iacr.org/tches/2021/a16.