test
Search publications, data, projects and authors

Thesis

English

ID: <

http://hdl.handle.net/10251/32021

>

Where these data come from
Optimization of parameter settings search for a successful Fault Injection

Abstract

[is] Today, the protection of information through the use of dedicated hardware devices is becoming increasingly common in all types of areas. In order to assess the resilience of a hardware device to external attacks and to ensure the security of protected information, a multitude of techniques exist for access to confidential information, including failure injection techniques. The power line failure injection technique (VCC fault Injection or simply VCC FI) consists of the introduction of abnormal signals into the supply line of an integrated circuit (glitch), the purpose of which is to alter the normal functioning of a hardware device and cause it to enter a state which an attacker can exploit for his benefit in order to obtain the information protected by the device (whether cryptographic keys, source code of an application or confidential data). If a security analyst decides to use VCC fault Injection, there is a problem of defining the attack itself: both the abnormal signal to be injected and the temporary moment of injection should be specified. As the number of parameters that make it possible to define the characteristics of the attack is high, the space of possible configurations renders its exploration completely impracticable. However, the success of such an attack depends on using a parameter specific configuration (or configurations), so finding values for the different parameters of the attack automatically and efficiently is of particular relevance in a security audit of a device, where the time to perform experiments is often severely restricted. This Carrera Final Project Report contains six months of research in the area of VCC fault Injection, the result of which has been the proposal of a scheme for the automation of parameter searches for a successful injection of power line failures (VCC fault Injection), based on three parts: a theoretical model of a hardware device, a search strategy based on the theoretical model, and a representation of results to display the behaviour of the device under analysis under different attack configurations. Delegated archive

Your Feedback

Please give us your feedback and help us make GoTriple better.
Fill in our satisfaction questionnaire and tell us what you like about GoTriple!