State-of-the-art fault-based cryptanalysis methods are capable of breaking most
recent ciphers after only a few fault injections. However, they require temporal
and spatial accuracies of fault injection that were believed to rule out
low-cost injection techniques such as voltage, frequency or temperature
manipulation. We investigate the selection of supply-voltage and temperature values
that are suitable for high-precision fault injection, even down to a single bit.
The object of our studies is an ASIC implementation of the recently presented
block cipher PRINCE, for which a two-stage fault attack scheme has recently been
suggested. This attack requires, on average, about four to five fault
injections in well-defined locations. We show by electrical simulations that
voltage-temperature points exist for which faults show up at locations required
for a successful attack with a likelihood of around 0.1%. This implies that the
complete attack can be mounted by approximately 4,000 to 5,000 fault injection
attempts, which is clearly feasible.