Abstract:
We describe a new class of attacks on secure microcontrollers and smartcards. Illumination of a target
transistor causes it to conduct, thereby inducing a transient fault. Such attacks are practical; they do not
even require expensive laser equipment. We have carried them out using a flashgun bought second-hand
from a camera store for $30. As an illustration of the power of this attack, we developed techniques to set
or reset any individual bit of SRAM in a microcontroller. Unless suitable countermeasures are taken,
optical probing may also be used to induce errors in cryptographic computations or protocols, and to
disrupt the processor's control flow. It thus provides a powerful extension of existing glitching and fault
analysis techniques. This vulnerability may pose a big problem for the industry, similar to those resulting
from probing attacks in the mid-1990s and power analysis attacks in the late 1990s.
We have therefore developed a technology to block these attacks. We use self-timed dual-rail circuit
design techniques whereby a logical 1 or 0 is not encoded by a high or low voltage on a single line, but by
(HL) or (LH) on a pair of lines. The combination (HH) signals an alarm, which will typically reset the
processor. Circuits can be designed so that single-transistor failures do not lead to security failure. This
technology may also make power analysis attacks very much harder too.
Slashdot Mirror
Here is the article: Optical Fault Induction Attacks.
Abstract:
We describe a new class of attacks on secure microcontrollers and smartcards. Illumination of a target transistor causes it to conduct, thereby inducing a transient fault. Such attacks are practical; they do not even require expensive laser equipment. We have carried them out using a flashgun bought second-hand from a camera store for $30. As an illustration of the power of this attack, we developed techniques to set or reset any individual bit of SRAM in a microcontroller. Unless suitable countermeasures are taken, optical probing may also be used to induce errors in cryptographic computations or protocols, and to disrupt the processor's control flow. It thus provides a powerful extension of existing glitching and fault analysis techniques. This vulnerability may pose a big problem for the industry, similar to those resulting from probing attacks in the mid-1990s and power analysis attacks in the late 1990s.
We have therefore developed a technology to block these attacks. We use self-timed dual-rail circuit design techniques whereby a logical 1 or 0 is not encoded by a high or low voltage on a single line, but by (HL) or (LH) on a pair of lines. The combination (HH) signals an alarm, which will typically reset the processor. Circuits can be designed so that single-transistor failures do not lead to security failure. This technology may also make power analysis attacks very much harder too.