EDITE Nicolas MORO
Identity
Nicolas MORO
Academic status
Thesis defended on 2014-11-13
Subject: Securing assembly programs against attacks targeting embedded processors (Sécurisation de programmes assembleur face aux attaques visant les processeurs embarqués)
Thesis direction:
Thesis supervision:
Laboratory:
Scientific output
oai:hal-emse.ccsd.cnrs.fr:emse-00837514
Electromagnetic glitch on the AES round counter
This article presents a Round Addition Analysis on a software implementation of the Advanced Encryption Standard (AES) algorithm. The round keys are computed on-the-fly during each encryption. A non-invasive transient fault injection is achieved on the AES round counter. The attack is performed by injecting a very short electromagnetic glitch on a 32-bit microcontroller based on the ARM Cortex-M3 processor. Using this experimental setup, we are able to disrupt the round counter increment at the end of the penultimate round and execute one additional round. This faulty execution enables us to recover the encryption key with only two pairs of corresponding correct and faulty ciphertexts.
Fourth International Workshop on Constructive Side-Channel Analysis and Secure Design - COSADE'2013. Conference proceeding, 2013-03-08
oai:hal-emse.ccsd.cnrs.fr:emse-00869509
Formal verification of a software countermeasure against instruction skip attacks
Fault attacks against embedded circuits enabled to define many new attack paths against secure circuits. Every attack path relies on a specific fault model which defines the type of faults that the attacker can perform. On embedded processors, a fault model in which an attacker is able to skip an assembly instruction is practical and has been obtained by using several fault injection means. To handle this issue, some countermeasure schemes which rely on temporal redundancy have been proposed. Nevertheless, double fault injection in a long enough time interval is practical and can bypass those countermeasure schemes. Some fine-grained other countermeasure schemes have been proposed for specific instructions. However, to the best of our knowledge, no approach that enables to secure a generic assembly program in order to make it fault-tolerant to instruction skip attacks has been formally proven yet. In this paper, we provide a fault-tolerant replacement sequence for every instruction of the whole Thumb2 instruction set and provide a formal proof of this fault tolerance. This simple transformation enables to add a reasonably good security level to an embedded program and makes practical fault injection attacks much harder to achieve.
PROOFS 2013. Conference, seminar, workshop communication, 2013-08-24
oai:hal-emse.ccsd.cnrs.fr:emse-00871218
Electromagnetic fault injection: towards a fault model on a 32-bit microcontroller
Injection of transient faults as a way to attack cryptographic implementations has been largely studied in the last decade. Several attacks that use electromagnetic fault injection against hardware or software architectures have already been presented. On microcontrollers, electromagnetic fault injection has mostly been seen as a way to skip assembly instructions or subroutine calls. However, to the best of our knowledge, no precise study about the impact of an electromagnetic glitch fault injection on a microcontroller has been proposed yet. The aim of this paper is twofold: providing a more in-depth study of the effects of electromagnetic glitch fault injection on a state-of-the-art microcontroller and building an associated register-transfer level fault model.
Proceedings of the 10th workshop on Fault Diagnosis and Tolerance in Cryptography - FDTC 2013. Conference proceeding, 2013-08-20
oai:hal-emse.ccsd.cnrs.fr:emse-01032449
Experimental evaluation of two software countermeasures against fault attacks
Injection of transient faults can be used as a way to attack embedded systems. On embedded processors such as microcontrollers, several studies showed that such a transient fault injection with glitches or electromagnetic pulses could corrupt either the data loads from the memory or the assembly instructions executed by the circuit. Some countermeasure schemes which rely on temporal redundancy have been proposed to handle this issue. Among them, several schemes add this redundancy at assembly instruction level. In this paper, we perform a practical evaluation for two of those countermeasure schemes by using a pulsed electromagnetic fault injection process on a 32-bit microcontroller. We provide some necessary conditions for an efficient implementation of those countermeasure schemes in practice. We also evaluate their efficiency and highlight their limitations. To the best of our knowledge, no experimental evaluation of the security of such instruction-level countermeasure schemes has been published yet.
2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST). Conference proceeding, 2014
oai:hal-emse.ccsd.cnrs.fr:emse-00951386
Formal verification of a software countermeasure against instruction skip attacks
International audience
Fault attacks against embedded circuits enabled to define many new attack paths against secure circuits. Every attack path relies on a specific fault model which defines the type of faults that the attacker can perform. On embedded processors, a fault model consisting in an assembly instruction skip can be very useful for an attacker and has been obtained by using several fault injection means. To avoid this threat, some countermeasure schemes which rely on temporal redundancy have been proposed. Nevertheless, double fault injection in a long enough time interval is practical and can bypass those countermeasure schemes. Some fine-grained countermeasure schemes have also been proposed for specific instructions. However, to the best of our knowledge, no approach that enables to secure a generic assembly program in order to make it fault-tolerant to instruction skip attacks has been formally proven yet. In this paper, we provide a fault-tolerant replacement sequence for almost all the instructions of the Thumb-2 instruction set and provide a formal verification for this fault tolerance. This simple transformation enables to add a reasonably good security level to an embedded program and makes practical fault injection attacks much harder to achieve.
Journal of Cryptographic Engineering, Springer, 2014, 4 (3), pp. 145-156. DOI: 10.1007/s13389-014-0077-7. http://hal-emse.ccsd.cnrs.fr/emse-00951386. Journal article, 2014-09
Defense
Thesis: Securing assembly programs against attacks targeting embedded processors (Sécurisation de programmes assembleur face aux attaques visant les processeurs embarqués)
Defense date: 2014-11-13
Reviewers (rapporteurs): Pascal BERTHOMÉ, Jean-Louis LANET