Fault Injection Attack Threat Analysis

Version: 1.0
Last Updated: 2025-01-02
Security Classification: PUBLIC

Overview

Fault injection attacks deliberately introduce errors during cryptographic operations to extract secrets or bypass security mechanisms. These attacks can be physical (voltage glitching, clock manipulation) or software-based (Rowhammer, exploitation of race conditions).

Attack Techniques

Physical Fault Injection

Voltage Glitching

Undervoltage: Cause computation errors
Overvoltage: Skip instructions
Power cycling: Reset attacks
Brown-out: Partial state corruption

Clock Manipulation

Clock glitching: Skip clock cycles
Overclocking: Timing violations
Clock stopping: Freeze state

Electromagnetic Injection

EM pulses: Targeted bit flips
EM fields: Wide-area disruption

Optical Injection

Laser fault injection: Precise bit flips
Flash photography: CCD/CMOS sensors
UV exposure: EPROM manipulation

Software Fault Injection

Memory Attacks

Rowhammer: DRAM bit flips
RAMBleed: Read across boundaries
Cold boot: Memory remanence

Race Conditions

TOCTOU: Time-of-check to time-of-use
Double-fetch: Kernel race conditions

Vulnerable Cryptographic Operations

Operation	Attack Goal	Technique	Impact
RSA-CRT	Factor modulus	Single fault	Key recovery
AES rounds	Skip rounds	Clock glitch	Reduced security
Signature verification	Bypass check	Instruction skip	Authentication bypass
RNG seeding	Predictable output	Reset attack	Weak randomness
Key derivation	Known keys	Computation fault	Key recovery

Attack Examples

Bellcore Attack on RSA-CRT

def bellcore_attack_simulation():
    """Simulate Bellcore attack on RSA-CRT"""
    # Normal RSA-CRT signature
    s_p = m^d mod p
    s_q = m^d mod q
    s = CRT_combine(s_p, s_q)
    
    # Faulty signature (fault in s_p)
    s_p_fault = faulty_computation(m^d mod p)
    s_fault = CRT_combine(s_p_fault, s_q)
    
    # Factor recovery
    q = gcd(s - s_fault, n)
    p = n // q
    return p, q

AES Differential Fault Analysis

def aes_dfa_attack():
    """DFA on AES last round"""
    # Collect correct ciphertext
    c_correct = AES_encrypt(plaintext, key)
    
    # Inject fault before last round
    c_faulty = AES_encrypt_with_fault(plaintext, key, round=9)
    
    # Analyze differential
    diff = c_correct ^ c_faulty
    # Recover last round key from differential
    round_key = analyze_differential(diff)
    return round_key

Countermeasures

Detection Mechanisms

Redundancy Checks

// Dual computation with comparison
result1 = compute_crypto(input);
result2 = compute_crypto(input);
if (result1 != result2) {
    // Fault detected
    trigger_alarm();
    return ERROR;
}

Integrity Checks

// Add checksums to critical data
typedef struct {
    uint8_t key[32];
    uint32_t checksum;
} protected_key_t;

int verify_key(protected_key_t *pkey) {
    uint32_t calc_checksum = calculate_crc32(pkey->key, 32);
    return (calc_checksum == pkey->checksum);
}

Prevention Techniques

Temporal Redundancy

Execute operations multiple times
Compare results for consistency
Add random delays between operations

Spatial Redundancy

Duplicate critical hardware
Use error-correcting codes
Implement majority voting

Algorithm-Level Protection

Use fault-resistant algorithms
Add mathematical checks
Implement infection techniques

Implementation Guidelines

Protected Implementation Pattern

int protected_crypto_operation(void *input, void *output) {
    int result1, result2, result3;
    int fault_detected = 0;
    
    // Triple redundancy with different timing
    result1 = crypto_op(input, output);
    random_delay();
    result2 = crypto_op(input, output);
    random_delay();
    result3 = crypto_op(input, output);
    
    // Majority voting
    if (result1 == result2 || result1 == result3) {
        return result1;
    } else if (result2 == result3) {
        return result2;
    } else {
        // All different - severe fault
        panic("Multiple fault detection");
    }
}

Testing and Validation

Fault Simulation Tools

ChipWhisperer: Hardware fault injection
FiSim: Fault injection simulator
FIONA: Fault Injection for Security Analysis

Test Methodologies

Exhaustive fault testing: All possible single-bit faults
Random fault injection: Statistical coverage
Targeted fault models: Specific attack scenarios
Multi-fault testing: Combined fault attacks

Real-World Incidents

Xbox 360: Glitching attack on boot loader
PlayStation Portable: Battery glitch exploit
Smartcard attacks: Commercial payment cards
Secure element bypasses: Mobile device TEE

Standards and Requirements

Certification Requirements

Common Criteria: Protection against fault attacks (EAL4+)
FIPS 140-3: Environmental failure protection
EMVCo: Fault resistance for payment cards
GlobalPlatform: TEE protection profiles

Industry Guidelines

BSI: German Federal Office for Information Security
ANSSI: French National Cybersecurity Agency
NSA: Commercial National Security Algorithm Suite

Advanced Topics

Combined Attacks

Fault injection + side-channel analysis
Multiple synchronized faults
Persistent fault attacks

Emerging Threats

AI-guided fault injection
Supply chain fault insertion
Remote fault injection techniques