For any computing system to be secure, both hardware and software have to be trusted. If the hardware layer in a secure system is compromised, not only would it be possible to extract secret information about the software, but it would also be extremely hard for the software to detect that an attack is underway. In this work we detail a complete end-to-end fault attack on a microprocessor system and practically demonstrate how hardware vulnerabilities can be exploited to target secure systems. We developed a theoretical attack on the RSA signature algorithm, and we realized it in practice against an FPGA implementation of the system under attack. To perpetrate the attack, we inject transient faults in the target machine by regulating the voltage supply of the system. Thus, our attack does not require access to the victim system's internal components, but simply proximity to it. The paper makes three important contributions. First, we develop a systematic fault-based attack on the modular exponentiation algorithm for RSA. Second, we expose and exploit a severe flaw in the implementation of the RSA signature algorithm in OpenSSL, a widely used package for SSL encryption and authentication. Third, we report on the first physical demonstration of a fault-based security attack of a complete microprocessor system running unmodified production software: we attack the original OpenSSL authentication library running on a SPARC Linux system implemented on FPGA, and extract the system's 1024-bit RSA private key in approximately 100 hours.