Fault Analysis in Cryptography

"Fault attacks is an active area of research in cryptography, currently explored in hundreds of research papers and dedicated conferences. This book is the first comprehensive treatment of the subject covering both the theory and practice of these attacks as well as defense techniques. ... Preventing fault attacks without sacrificing performance is nontrivial. Over the years a number of innovative ideas have been proposed for efficiently verifying cryptographic computations. Many defense strategies are described in the book, some of which are already deployed in real-world cryptographic libraries. Nevertheless, many implementations remain vulnerable. I was thrilled to see the material covered in the book and hope that it will make fault defense standard practice in the minds of developers." (Dan Boneh, Stanford University)

"Among the well-studied side-channel analysis techniques, fault analysis might be the most powerful for recovering the secret value in the computation of a cryptographic algorithm. ... This book contains sufficient information for people who have not studied fault analysis before. It will be a handy book for self-study for both security engineers and academic researchers." (Zheng Gong, Computing Reviews, October 11, 2012)

In the 1970s researchers noticed that radioactive particles produced by elements naturally present in packaging material could cause bits to flip in sensitive areas of electronic chips. Research into the effect of cosmic rays on semiconductors, an area of particular interest in the aerospace industry, led to methods of hardening electronic devices designed for harsh environments. Ultimately various mechanisms for fault creation and propagation were discovered, and in particular it was noted that many cryptographic algorithms succumb to so-called fault attacks.

Preventing fault attacks without sacrificing performance is nontrivial and this is the subject of this book. Part I deals with side-channel analysis and its relevance to fault attacks. The chapters in Part II cover fault analysis in secret key cryptography, with chapters on block ciphers, fault analysis of DES and AES, countermeasures for symmetric-key ciphers, and countermeasures against attacks on AES. Part III deals with fault analysis in public key cryptography, with chapters dedicated to classical RSA and RSA-CRT implementations, elliptic curve cryptosystems and countermeasures using fault detection, devices resilient to fault injection attacks, lattice-based fault attacks on signatures, and fault attacks on pairing-based cryptography. Part IV examines fault attacks on stream ciphers and how faults interact with countermeasures used to prevent power analysis attacks. Finally, Part V contains chapters that explain how fault attacks are implemented, with chapters on fault injection technologies for microprocessors, and fault injection and key retrieval experiments on a widely used evaluation board.

This is the first book on this topic and will be of interest to researchers and practitioners engaged with cryptographic engineering.