TY - GEN
T1 - A Tale of Two Models
T2 - 20th Workshop on Fault Detection and Tolerance in Cryptography, FDTC 2023
AU - Nabhan, Roukoz
AU - Dutertre, Jean Max
AU - Rigaud, Jean Baptiste
AU - Danger, Jean Luc
AU - Sauvage, Laurent
N1 - Publisher Copyright: © 2023 IEEE.
PY - 2023/1/1
Y1 - 2023/1/1
N2 - Investigating the dynamics and mechanisms of Electromagnetic Fault Injection (EMFI) attacks, which expose an active circuit to electromagnetic disturbances, presents a persisting challenge due to the diverse and complex fault mechanisms involved. An improved understanding of EMFI modeling is paramount for developing proficient on-chip detection sensors, serving as countermeasures to these attacks. In light of this, our research evaluated the effectiveness of EMFI detection sensors, introduced by Elbaze et al., which rest on the premise that the sampling fault model accounts for EMFI. To assess the functionality of these sensors, we integrated them into an Advanced Encryption Standard (AES) accelerator of a Field-Programmable Gate Array (FPGA) and performed a series of experiments. The resulting evidence suggests that the explanation for EMFI is not a singular fault model but rather, two underlying mechanisms are implicated. At high frequencies, which correspond to low slack, electromagnetic disturbances, in tandem with the target's Power Distribution Network (PDN), initiated timing constraint violations. This violation subsequently increased the logic propagation times, surpassing the clock period. Contrarily, at low to moderate frequencies, the induced faults generally aligned with the sampling fault model. However, certain deviations from the theoretical framework called into question the model's validity. Upon a deeper examination of the results, we determined that these faults, rather than being sampling faults, were tied to a different mechanism. Electromagnetic disturbances, when coupled with a target's Clock Distribution Network (CDN), can cause timing constraint violations due to EMFI-induced voltage glitches within the target's clock tree. By integrating the mechanisms of EMFI-induced clock glitches and timing faults into the timing violations fault model, we attain a holistic comprehension of EMFI mechanisms. It encapsulates both mechanisms induced by EMFI, spanning the full-frequency spectrum of the target.
KW - EMFI
KW - EMFI-induced clock glitches
KW - fully digital sensor
KW - sampling fault model
KW - timing faults
KW - timing violations fault model
U2 - 10.1109/FDTC60478.2023.00010
DO - 10.1109/FDTC60478.2023.00010
M3 - Conference contribution
AN - SCOPUS:85190476195
T3 - Proceedings - 2023 Workshop on Fault Detection and Tolerance in Cryptography, FDTC 2023
SP - 1
EP - 12
BT - Proceedings - 2023 Workshop on Fault Detection and Tolerance in Cryptography, FDTC 2023
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 10 September 2023
ER -