Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output

Gierlichs Benedikt; Jorn-Marc Schmidt; Mike Tunstall

Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output

Gierlichs Benedikt, Jorn-Marc Schmidt, Mike Tunstall

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

77 Citations (Scopus)

Abstract

Implementation attacks pose a serious threat for the security of cryptographic devices and there are a multitude of countermeasures that are used to prevent them. Two countermeasures used in implementations of block ciphers to increase the complexity of such attacks are the use of dummy rounds and redundant computation with consistency checks to prevent fault attacks. In this paper we present several countermeasures based on the idea of infective computation. Our countermeasures ensure that a fault injected into a cipher, dummy, or redundant round will infect the ciphertext such that an attacker cannot derive any information on the secret key being used. This has one clear advantage: the propagation of faults prevents an attacker from being able to conduct any fault analysis on any corrupted ciphertexts. As a consequence, there is no need for any test at the end of an implementation to determine if a fault has been injected and a ciphertext can always be returned.

Original language	English
Title of host publication	LATINCRYPT 2012
Publisher	Springer Berlin Heidelberg
Pages	305-321
Volume	7533
Publication status	Published - 2012

Handle.net

Persistent link

Cite this

@inproceedings{7f708158cf9342a79c0866800640a43c,

title = "Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output",

abstract = "Implementation attacks pose a serious threat for the security of cryptographic devices and there are a multitude of countermeasures that are used to prevent them. Two countermeasures used in implementations of block ciphers to increase the complexity of such attacks are the use of dummy rounds and redundant computation with consistency checks to prevent fault attacks. In this paper we present several countermeasures based on the idea of infective computation. Our countermeasures ensure that a fault injected into a cipher, dummy, or redundant round will infect the ciphertext such that an attacker cannot derive any information on the secret key being used. This has one clear advantage: the propagation of faults prevents an attacker from being able to conduct any fault analysis on any corrupted ciphertexts. As a consequence, there is no need for any test at the end of an implementation to determine if a fault has been injected and a ciphertext can always be returned.",

author = "Gierlichs Benedikt and Jorn-Marc Schmidt and Mike Tunstall",

year = "2012",

language = "English",

volume = "7533",

pages = "305--321",

booktitle = "LATINCRYPT 2012",

publisher = "Springer Berlin Heidelberg",

address = "Germany",

}

TY - GEN

T1 - Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output

AU - Benedikt, Gierlichs

AU - Schmidt, Jorn-Marc

AU - Tunstall, Mike

PY - 2012

Y1 - 2012

N2 - Implementation attacks pose a serious threat for the security of cryptographic devices and there are a multitude of countermeasures that are used to prevent them. Two countermeasures used in implementations of block ciphers to increase the complexity of such attacks are the use of dummy rounds and redundant computation with consistency checks to prevent fault attacks. In this paper we present several countermeasures based on the idea of infective computation. Our countermeasures ensure that a fault injected into a cipher, dummy, or redundant round will infect the ciphertext such that an attacker cannot derive any information on the secret key being used. This has one clear advantage: the propagation of faults prevents an attacker from being able to conduct any fault analysis on any corrupted ciphertexts. As a consequence, there is no need for any test at the end of an implementation to determine if a fault has been injected and a ciphertext can always be returned.

AB - Implementation attacks pose a serious threat for the security of cryptographic devices and there are a multitude of countermeasures that are used to prevent them. Two countermeasures used in implementations of block ciphers to increase the complexity of such attacks are the use of dummy rounds and redundant computation with consistency checks to prevent fault attacks. In this paper we present several countermeasures based on the idea of infective computation. Our countermeasures ensure that a fault injected into a cipher, dummy, or redundant round will infect the ciphertext such that an attacker cannot derive any information on the secret key being used. This has one clear advantage: the propagation of faults prevents an attacker from being able to conduct any fault analysis on any corrupted ciphertexts. As a consequence, there is no need for any test at the end of an implementation to determine if a fault has been injected and a ciphertext can always be returned.

M3 - Conference Contribution (Conference Proceeding)

VL - 7533

SP - 305

EP - 321

BT - LATINCRYPT 2012

PB - Springer Berlin Heidelberg

ER -

Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output

Abstract

Handle.net

Fingerprint

Cite this