A Practical Second-Order Fault Attack against a Real-World Pairing Implementation
J. Blömer, R. Gomes da Silva, P. Günther, J. Krämer, J.-P. Seifert, in: Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC), 2014, pp. 123--136.
Conference Paper
Author
Blömer, Johannes;
Gomes da Silva, Ricardo;
Günther, Peter;
Krämer, Juliane;
Seifert, Jean-Pierre
Abstract
Several fault attacks against pairing-based cryptography have been described theoretically in recent years. Interestingly, none of these have been practically evaluated. We accomplished this task and prove that fault attacks against pairing-based cryptography are indeed possible and are even practical — thus posing a serious threat. Moreover, we successfully conducted a second-order fault attack against an open source implementation of the eta pairing on an AVR XMEGA A1. We injected the first fault into the computation of the Miller Algorithm and applied the second fault to skip the final exponentiation completely. We introduce a low-cost setup that allowed us to generate multiple independent faults in one computation. The setup implements these faults by clock glitches which induce instruction skips. With this setup we conducted the first practical fault attack against a complete pairing computation.
Publishing Year
2014
Proceedings Title
Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC)
Page
123--136
Cite this
Blömer J, Gomes da Silva R, Günther P, Krämer J, Seifert J-P. A Practical Second-Order Fault Attack against a Real-World Pairing Implementation. In: Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC). ; 2014:123--136. doi:10.1109/FDTC.2014.22
Blömer, J., Gomes da Silva, R., Günther, P., Krämer, J., & Seifert, J.-P. (2014). A Practical Second-Order Fault Attack against a Real-World Pairing Implementation. In Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC) (pp. 123--136). https://doi.org/10.1109/FDTC.2014.22
@inproceedings{Blömer_Gomes da Silva_Günther_Krämer_Seifert_2014, title={A Practical Second-Order Fault Attack against a Real-World Pairing Implementation}, DOI={10.1109/FDTC.2014.22}, booktitle={Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC)}, author={Blömer, Johannes and Gomes da Silva, Ricardo and Günther, Peter and Krämer, Juliane and Seifert, Jean-Pierre}, year={2014}, pages={123--136} }
Blömer, Johannes, Ricardo Gomes da Silva, Peter Günther, Juliane Krämer, and Jean-Pierre Seifert. “A Practical Second-Order Fault Attack against a Real-World Pairing Implementation.” In Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC), 123--136, 2014. https://doi.org/10.1109/FDTC.2014.22.
J. Blömer, R. Gomes da Silva, P. Günther, J. Krämer, and J.-P. Seifert, “A Practical Second-Order Fault Attack against a Real-World Pairing Implementation,” in Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC), 2014, pp. 123--136.
Blömer, Johannes, et al. “A Practical Second-Order Fault Attack against a Real-World Pairing Implementation.” Proceedings of Fault Tolerance and Diagnosis in Cryptography (FDTC), 2014, pp. 123--136, doi:10.1109/FDTC.2014.22.
Main File(s)
File Name
463-FDTC14.pdf
437.52 KB
Access Level
Closed Access
Last Uploaded
2018-03-16T11:20:54Z