IMSE-CNM

Differential Fault Analysis (DFA) and Power Analysis (PA) attacks, have become the main methods for exploiting the vulnerabilities of physical implementations of block ciphers, currently used in a multitude of applications, such as the Advanced Encryption Standard (AES). In order to minimize these types of vulnerabilities, several mechanisms have been proposed to detect fault attacks. However, these mechanisms can have a significant cost, not fully covering the implementations against fault attacks or not taking into account the leakage of the information exploitable by the power analysis attacks. In this paper, four different approaches are proposed with the aim of protecting the AES block cipher against DFA. The proposed solutions are based on Hamming code and parity bits as signature generators for the internal state of the AES cipher. These allow to detect DFA exploitable faults, from bit to byte level. The proposed solutions have been applied to a T-box based AES block cipher implemented on Field Programmable Gate Array (FPGA). Experimental results suggest a fault coverage of 98.5% and 99.99% with an area penalty of 9% and 36% respectively, for the parity bit signature generators and a fault coverage of 100% with an area penalty of 18% and 42% respectively when Hamming code signature generator is used. In addition, none of the proposed countermeasures impose a frequency degradation, in respect to the unprotected cipher. The proposed work goes further in the evaluation of the proposed DFA countermeasures by evaluating the impact of these structures in terms of power side-channel. The obtained results suggest that no extra information leakage is produced that can be exploited by PA. Overall, the proposed DFA countermeasures provide a high fault coverage protection with a low cost in terms of area and power consumption and no PA security degradation.

In this paper, we present a review of the work [1]. In this work a complete setup to break ASIC implementations of standard Trivium stream cipher was presented. The setup allows to recover the secret keys combining the use of the active noninvasive technique attack of clock manipulation and Differential Fault Analysis (DFA) cryptanalysis. The attack system is able to inject transient faults into the Trivium in a clock cycle and sample the faulty output. Then, the internal state of the Trivium is recovered using the DFA cryptanalysis through the comparison between the correct and the faulty outputs. The secret key of the Trivium were recovered experimentally in 100% of the attempts, considering a real scenario and minimum assumptions.
[1] F.E. Potestad-Ordoñez, M. Valencia-Barrero, C. Baena-Oliva, P. Parra-Fernández, C.J. Jiménez-Fernández, "Breaking Trivium Stream Cipher Implemented in ASIC using Experimental Attacks and DFA". In Sensors, vol. 20, num. 6909, pp. 1-19, 2020.

In this paper, we present a review of the work [1]. The fast settlement of Privacy and Secure operations in the Internet of Things (IoT) is appealing the selection of mechanisms to achieve a higher level of security at the minimum cost and with reasonable performances. In recent years, dozens of proposals have been presented to design circuits resistant to Power Analysis attacks. In this paper a deep review of the state of the art of gate-level countermeasures against Power Analysis attacks has been done, performing a comparison between hiding approaches (the power consumption is intended to be the same for all the data processed) and the ones considering a masking procedure (the data are masked and behave as random). The most relevant proposals in the literature, 35 for hiding and 6 for masking, have been analyzed, not only by using data provided by proposers, but also those included in other references for comparison.
[1] E. Tena-Sánchez, F.E. Potestad-Ordoñez, C.J. Jiménez-Fernández, A.J. Acosta and R. Chaves, "Gate-Level Hardware Countermeasure Comparison against Power Analysis Attacks," Applied Sciences, 12(5), 2390, 2022.

This paper proposed a vision system which implements a foveal mechanism to concentrate the attention and dynamically control the center and size of region of interest. The core of the system is an electronically-foveated dynamic vision sensor. An architecture and implementation of an electronically-foveated dynamic vision sensor is proposed. Simulation results demonstrating its operation are provided.