# Fault Attacks

Fault attacks have gained popularity as a serious threat to embedded systems over the last few years. Attacks can target a specific algorithm or generically modify the program flow to the attacker's advantage. In the following, we refer to the classification of attacks and the organization proposed by Karaklajic et al. [15]. In particular, three distinct classes of fault attacks are identified for embedded systems.

## Algorithm Specific Attacks

Fault attacks can be designed to exploit specific weaknesses of the target algorithm which are introduced by the injection of a fault. Several attacks targeting a large number of algorithms were presented in the past, the most common being the attacks against AES, RSA, and ECC.

Bloemer et al. [16] proposed an attack on AES which exploits the change of a single bit after the first key addition. However, this attack can successfully recover a complete key only when the adversary is able to inject a fault at a very precise timing and at a very specific position.

The security of asymmetric cryptosystems relies on problems which are mathematically hard to solve. Fault attacks can be designed to weaken these problems and thus weaken the security of the algorithms based on them. A common target for such attacks is public-key cryptography, in particular RSA and ECC, as they are widely used for authentication, digital signature, and key exchange. RSA is based on exponentiation using a square-and-multiply (S&M) routine, while ECC is based on point-scalar multiplication using a double-and-add (D&A) routine. Both S&M and D&A have a similar structure, where the set of executed routines depends on the value of the processed bit of the secret.

Proposed attacks on these cryptosystems require the attacker to change the base point of an ECC. As a result, the scalar point multiplication will be moved to a weaker curve. The use of a weak curve makes the discrete-logarithm problem of ECC manageable, and thus leads to the recovery of the secret [17]. The same attack can be carried out if the attacker manages to supply wrong parameters for the curve [17]. Other attacks proposed in the past showed that faults can be exploited to control a few bits of the secret nonce in DSA and, which ultimately allows the whole key to be recovered [18]. Pairing algorithms are also vulnerable

Table 2.2 Comparison of fault injection mechanisms

 Mechanism Cost Controllability Trigger Type Repeatability Injection time Risk of damage Runtime injection Simulator Static analysis Execution based Trace-based Transistor level Med. High Yes App. [lint.] Sys. [lint.] High Med. No No No Yes No Software sim. Compile time Runtime Low Low Yes App. OS High Low No No Yes Low-level VM sim. Med High Yes OS Sys [lint]. Med. High No Yes Emulation High Med. Med. App. [lint.] Med. High Yes Yes Sys. Hardware High Med. Med. Sys. Med. High Yes Yes

Fault Attacks, Injection Techniques and Tools for Simulation

to faults [19]: it was demonstrated that by modifying the loop parameter of a pairing algorithm, the secret point can be recovered.
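The base-point fault on ECC described above works because the double-and-add formulas never use the curve constant b, so a corrupted point is silently processed on whatever curve it happens to lie on. The following added example (not from the original text) shows this on a constructed toy curve and the point-validation check that detects it; the parameters, the faulted point, and all function names are assumptions made for illustration.

```python
# Toy curve E: y^2 = x^3 + A*x + B over GF(P). Constructed values, far too small for real use.
P, A, B = 97, 2, 3
G = (3, 6)            # valid base point on E
G_FAULT = (3 ^ 1, 6)  # constructed fault: one bit of the x-coordinate flipped

def on_curve(pt, b=B):
    """True if pt (None = point at infinity) satisfies y^2 = x^3 + A*x + b."""
    if pt is None:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + b)) % P == 0

def add(p1, p2):
    """Affine point addition. Note that the constant b is never used."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow((2 * y1) % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def double_and_add(k, pt):
    """Left-to-right double-and-add (D&A) scalar multiplication."""
    acc = None
    for bit in bin(k)[2:]:
        acc = add(acc, acc)
        if bit == "1":
            acc = add(acc, pt)
    return acc

def implied_b(pt):
    """Constant b' of the curve y^2 = x^3 + A*x + b' that pt actually lies on."""
    x, y = pt
    return (y * y - x * x * x - A * x) % P

def checked_mul(k, pt):
    """Countermeasure: validate the base point before and the result after D&A."""
    if not on_curve(pt):
        raise ValueError("base point is not on the curve")
    result = double_and_add(k, pt)
    if not on_curve(result):
        raise ValueError("result is not on the curve")
    return result
```

Checking the result as well as the input covers a fault injected after the initial validation, since every intermediate point then stays on the wrong curve.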