We propose two extremely stealthy hardware Trojans that facilitate
fault-injection attacks in cryptographic blocks. The Trojans are carefully
inserted to modify the electrical characteristics of predetermined transistors
in a circuit by altering parameters such as doping concentration and dopant
area. These Trojans are activated with very low probability in the presence
of a slightly reduced supply voltage (0.001 for 20\% $V_{dd}$ reduction). We
demonstrate the effectiveness of the Trojans by utilizing them to inject faults
into an ASIC implementation of the recently introduced lightweight cipher
PRINCE. Full circuit-level simulation followed by differential cryptanalysis
demonstrates that the secret key can be reconstructed after around 5
fault injections.