The Design of Rijndael
A Compact Rijndael Hardware Architecture with S-Box Optimization
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
New Differential Fault Analysis on AES Key Schedule: Two Faults Are Enough
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Practical Setup Time Violation Attacks on AES
EDCC-7 '08 Proceedings of the 2008 Seventh European Dependable Computing Conference
Interests and limitations of technology scaling for subthreshold logic
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Optical Fault Attacks on AES: A Threat in Violet
FDTC '09 Proceedings of the 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography
Low Voltage Fault Attacks on the RSA Cryptosystem
FDTC '09 Proceedings of the 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography
Differential fault analysis on AES key schedule and some countermeasures
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
A generalized method of differential fault attack against AES cryptosystem
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
A systematic evaluation of compact hardware implementations for the rijndael s-box
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
All you can eat or breaking a real-world contactless payment system
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Hi-index | 0.00 |
The continuous scaling of VLSI technology and the aggressive use of low power strategies (such as subthreshold voltage) make it possible to implement standard cryptographic primitives within the very limited circuit and power budget of RFID devices. On the other hand, such cryptographic implementations raise concerns regarding their vulnerability to both active and passive side channel attacks. In particular, when focusing on RFID targeted designs, it is important to evaluate their resistance to low cost physical attacks. A common low cost fault injection attack is the one which is induced by insufficient supply voltage of the chip with the goal of causing setup time violations. This kind of fault attack relies on the possibility of gracefully degrading the performance of the chip. It is however, unclear whether this kind of low cost attack is feasible in the case of low voltage design since a reduction of the voltage may result in a catastrophic failure of the device rather than an isolated setup violation. Furthermore, the effect that process variations may have on the fault model used by the attacker and consequently the success probability of the attack, are unknown. In this paper, we investigate these issues by evaluating the resistance to low cost fault injection attacks of chips implementing the AES cipher that were manufactured using a 65nm low power library and operate at subthreshold voltage. We show that it is possible to successfully breach the security of a custom implementation of the AES cipher. Our experiments have taken into account the expected process variations through testing of multiple samples of the chip. To the best of our knowledge, this work is the first attempt to explore the resistance against low cost fault injection attacks on devices that operate at subthreshold voltage and are very susceptible to process variations.