Techniques for EM Fault Injection: Equipments and Experimental Results

Philippe Maurine 1
1 SysMIC - Conception et Test de Systèmes MICroélectroniques
LIRMM - Laboratoire d'Informatique de Robotique et de Microélectronique de Montpellier
Abstract : These last years, the advances realized by technologists and circuit designers were particularly important. Alongside these advances, the demand of secure objects tended to broaden from smartcard towards high performance integrated products. These Systems on Chip that will have ultimately to offer robustness guarantees against physical attacks, have characteristics radically different from those of smartcards. Indeed, the comparison of SoC with smartcards highlights that SoC: - operate at several hundreds of MHz against few tens of MHz for smartcards, - feature several millions of CMOS gates against roughly one hundred thousand for modern smartcards, - are designed with advanced CMOS technologies (45nm, 32nm) on a bulk or a Silicon on insulator substrate, while smartcards are currently designed with the 90nm process, - have a large number of IO and supply/ground pins and are often encapsulated in a ball grid array package. These observations raise questions about the vulnerabilities of tomorrow's embedded systems against physical attacks. Will an adversary be able to analyze the power consumption of such systems? Will he be able to inject transient faults and exploit them in such systems? If the issue of physical vulnerabilities of SoC remains, as designers of secure circuits, we can only wonder about the means that could be used by adversaries in order to inject transient faults into a SoC running at several hundreds of MHz encapsulated in a bga package. Considering that adversaries can access only the front side of such systems, the above questions lead to consider the ElectroMagnetic waves as the main medium for inject faults. Within this context, two EM platforms for injecting faults into circuits will be described during the presentation. The first platform is a harmonic injection platform. The latter has been developed in order to be able to disturb some analogue blocks as on-chip clock generators or some TRNGs. The challenges related to this kind of injection will be discussed before presenting some experimental results. The second platform is dedicated to the injection of EM pulses. This type of injection platform has been developed to inject transient faults within sensitive operations performed by some cryptomodules or any processing elements. Two types of platforms can be designed. A medium voltage platform (0-100V) centered on a pulse generator available on the market. A high voltage platform (50V-1kV) based on a homemade pulse generator. Experimental results obtained when applying the Piret-Quisquater attack will be analyzed to identify one of the electrical behaviors that could explain the occurrence of transient faults. Finally, we will show that EM backside injection (case of flip chip bga packages) has little or no interest. Indeed, a new fault injection technique, called Forward Body Biaising Injection (FBBI), must be preferred to EM injection to produce transient faults, especially when LASER shots are detected by the target. The equipment required to apply a FBBI is low cost and really similar to the one used to produce an EM pulse. The main difference is the replacement of the coil producing the magnetic field by a thin tungsten rod in order to directly establish an electrical contact with the substrate. With such a direct contact (instead of a magnetic coupling), the fault can be produced with a low amplitude pulse generator. Additionally, the spatial resolution is expected to be better than with an EM pulse. The two electrical behaviors underlying this simple technique will be described before giving some experimental results obtained on a CRT based RSA, running on a secure device featuring a modular arithmetic co-processor.
Type de document :
Communication dans un congrès
FDTC'2012: Fault Diagnosis and Tolerance in Cryptography, Sep 2012, Lewen, Belgium. pp.003-004, 2012, 〈www.fdtc-workshop.eu/〉
Liste complète des métadonnées

Littérature citée [7 références]  Voir  Masquer  Télécharger

https://hal-lirmm.ccsd.cnrs.fr/lirmm-00761778
Contributeur : Philippe Maurine <>
Soumis le : jeudi 6 décembre 2012 - 10:25:27
Dernière modification le : jeudi 11 janvier 2018 - 02:08:13
Document(s) archivé(s) le : jeudi 7 mars 2013 - 03:59:19

Fichier

bare_conf.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : lirmm-00761778, version 1

Collections

Citation

Philippe Maurine. Techniques for EM Fault Injection: Equipments and Experimental Results. FDTC'2012: Fault Diagnosis and Tolerance in Cryptography, Sep 2012, Lewen, Belgium. pp.003-004, 2012, 〈www.fdtc-workshop.eu/〉. 〈lirmm-00761778〉

Partager

Métriques

Consultations de la notice

196

Téléchargements de fichiers

661