Learn More
Whilst clock fault attacks are known to be a serious security threat, an in-depth explanation of such faults still seems to be put in order. This work provides a theoretical analysis, backed by practical experiments , explaining when and how clock faults occur. Understanding and modeling the chain of events following a transient clock alteration allows to(More)
True random number generators (TRNGs) are ubiquitous in data security as one of basic cryptographic primitives. They are primarily used as generators of confidential keys, to initialize vectors, to pad values, but also as random masks generators in some side channel attacks countermeasures. As such, they must have good statistical properties, be(More)
This paper describes an attack on cryptographic devices called Differential Behavioral Analysis (or DBA). This is an hybrid attack between two already powerful attacks: differential power analysis (DPA) for the statistical treatment and safe-error attack for the fault type. DBA, simulated on an algorithmic model of AES appears to be very efficient. The(More)
—Injection of transient faults as a way to attack cryptographic implementations has been largely studied in the last decade. Several attacks that use electromagnetic fault injection against hardware or software architectures have already been presented. On microcontrollers, electromagnetic fault injection has mostly been seen as a way to skip assembly(More)
Cryptographic devices are vulnerable to the nowadays well known side channel leakage analysis. Secret data can be revealed by power analysis attacks such as Simple Power Analysis (SPA), Differential Power Analysis (DPA) and Correlation Power Analysis (CPA). First, we give an overview of DPA in mono-bit and multi-bit cases. Next, the existing multi-bit DPA(More)
This article considers the use of magnetic pulses to inject transient faults into the calculations of a RISC micro-controller running the AES algorithm. A magnetic coil is used to generate the pulses. It induces computational faults without any physical contact with the device. The injected faults are proved to be constant (i.e. data independent) under(More)