ALaRI Hang Glider

Search form

Education and Innovation in Embedded Systems Design

USI Università della Svizzera italiana, USI Faculty of Informatics, Advanced Learning and Research Institute USI Università della Svizzera italiana USI Faculty of Informatics USI Advanced Learning and Research Institute
TitleA Combined Design-Time/Test-Time Study of the Vulnerability of Sub-Threshold Devices to Low Voltage Fault Attacks
Publication TypeJournal Article
Year of Publication2014
AuthorsBarenghi, A., C. Hocquet, D. Bol, F-X. Standaert, F. Regazzoni, and I. Koren
JournalIEEE Transactions on Emerging Topics in Computing
Date Published04/2014

The continuous scaling of VLSI technology and the possibility to run circuits in subthreshold voltage range make it possible to implement standard cryptographic primitives within the very limited circuit and power budget of RFID devices. However, such cryptographic implementations raise concerns regarding their vulnerability to both active and passive side-channel attacks. In particular, when focusing on RFID targeted designs, it is important to evaluate their resistance against low cost physical attacks. A low cost fault injection attack can be mounted, for example, by lowering the supply voltage of the chip with the goal of causing setup time violations. In this paper, we provide an in-depth characterization of a chip implementation of the AES cipher. The chip has been designed using a 65nm low power standard cell library and operates in a subthreshold voltage range. We first show that it is possible to inject faults (through lowering the supply voltage) compliant with the fault models required to perform attacks against the AES cipher. We then investigate the possibility of predicting, at design time, which parts of the chip are more likely to be sensitive to such fault injection attacks and produce the desirable (from the point of view of the attacker) faulty behavior. Identifying such sensitive logic signals allows us to suggest to the designer a tailored countermeasure strategy for thwarting these attacks, with a minimal impact on the circuit’s performance.