北京大学学报(自然科学版) ›› 2016, Vol. 52 ›› Issue (2): 193-198.DOI: 10.13209/j.0479-8023.2015.126

上一篇    下一篇

一种针对FPGA密码模块的非侵入式故障攻击

廖楠1, 崔小欣1, 廖凯1, 王田1, 于敦山1, 程玉芳2   

  1. 1. 北京大学信息科学技术学院微电子学研究院, 北京 100871; 2. 国民技术股份有限公司, 深圳 518057;
    † 通信作者, E-mail: cuixx@pku.edu.cn
  • 收稿日期:2014-12-18 出版日期:2016-03-20 发布日期:2016-03-20
  • 通讯作者: 崔小欣, E-mail: cuixx(at)pku.edu.cn
  • 基金资助:
    国家自然科学基金(61306040) 、北京市自然科学基金(4152020) 和深圳市战略新兴产业发展专项资金创新环境建设计划(ZDSY20130402095348589)资助

A Non-invasive Fault Attack on FPGA-based Cryptographic Applications

LIAO Nan1, CUI Xiaoxin1, LIAO Kai1, WANG Tian1, YU Dunshan1, CHENG Yufang2   

  1. 1. Institute of Microelectronics, School of Electronics Engineering and Computer Science, Peking University, Beijing 100871;
    2. Nationz technologies Inc, Shenzhen 518057; † Corresponding author, E-mail: cuixx@pku.edu.cn
  • Received:2014-12-18 Online:2016-03-20 Published:2016-03-20
  • Contact: CUI Xiaoxin, E-mail: cuixx(at)pku.edu.cn

RichHTML

PDF

PDF (翻译版)

摘要:

在FPGA平台上, 利用降低电源电压的方法使电路关键路径上的数据建立失败, 从而达到注入故障的目的。基于合适的故障模型, 攻击者可以有效地获取密钥信息,实现了针对密码模块的高效率、低成本的非侵入式故障攻击方法。攻击实验利用一台电压源和一台个人电脑, 通过8组正确和错误密文对, 成功地恢复出一个FPGA 中AES密码模块的128 bit完整密钥。

关键词: 故障攻击, FPGA, AES, 建立失败

Abstract:

A non-invasive, high-efficient and low-cost fault attack is realized on FPGA-based cryptographic applications. Based on the setup failures in critical paths, faults are injected into the FPGA devices by lowering the supply voltage. Then the encryption key can be retrieved efficiently with an appropriate fault model. In the attack experiments, the full 128-bit key of AES is retrieved correctly with only 8 pairs of correct and faulty ciphertexts within a few minutes, by using a power supply and a personal computer, based on the FPGA platform.

Key words: fault attack, FPGA, AES, setup failure

中图分类号: 

版权所有 © 《北京大学学报(自然科学版)》编辑部
技术支持:北京玛格泰克科技发展有限公司