Differential Fault Attacks (DFA) disturbs the function of the smart card through physical means in order for the smart card to output faulty data. This faulty data can then be used to reveal the secret key of the smart card. Two types of DFA that can be used to break a smart card are glitching and optical fault induction attacks.
Glitching is an attack done long ago by hackers to break pay-TV smart cards. This method involves applying a glitch (a rapid transient) to the smart card’s clock or power source. The smart card’s processor can then be made to execute a number of incorrect instructions by varying the duration and precise timing of the glitch. This can cause the secret key to be outputted and checks of passwords and access rights to be skipped over. For example, the following loop is commonly used to output the contents of a limited range in memory to the serial port.
The aim of glitching attacks is to increment the program counter as usual but modify the conditional branch in line 3 or the decrement of variable a in line 6. The glitching attack can then be repeated such that the entire contents of the memory is outputted.
Optical Fault Induction Attack
An 0ptical fault induction attack uses a laser to change the state of a memory cell. By exposing an intense light source to CMOS logic, the semiconductor becomes ionized and can cause a new value to be written. The experiment carried out by Skorobogatov used a light from a magnified photoflash lamp to successfully change a bit in a SRAM chip. By manipulating the data in the smart card, faulty data can be outputted. This faulty data can then be used by the Chinese Remainder Theorem (CRT) to find the smart card’s secret key.
Finding the Secret Key Using CRT
Using the CRT to find the secret key of a public key cryptosystem was first discussed in. Devices using public key cryptosystems to generate signature may be attacked to inadvertently reveal their secret keys. This can be done if the following conditions are true: the message as signed is known, a certain type of faulty behavior occurs during signature generation and the device outputs the faulty signature.
Countermeasures to DFA
There are many ways to make smart cards more resistant to DFA’s. This can be done by changing the hardware of the smart card itself or the software ran on the smart card. In general, smart cards should have mechanisms that can prevent glitching attacks, detect errors during runtime or check the results of the computation before outputting the data.
January 21, 2020 -- Able Device -- GlobalPlatform, the standard for secure digital services and devices, alongside prime sponsor Oracle and supporting sponsors STMicroelectronics and Able Device, is hosting a free technical workshop in Nuremberg on Thursday February 27, 2020. The full day
Nov 14, 2019 -- ePasslet Suite v3 – cryptovision’s Java card framework for electronic ID documents – will be available in 2020 on SECORA™ ID, Infineon’s new Java card operating system. Using ePasslet Suite, users of SECORA™ ID can easily and flexibly
Munich, Germany – 14 November 2019 – Electronic identification documents (eID) are high in demand worldwide. To address the evolving needs of the market in a fast and flexible manner, Infineon Technologies AG (FSE: IFX / OTCQX: IFNNY) has
STMicroelectronics has released the next generation of its STPay system-on-chip (SoC) payment solution
October 2019 -- STMicroelectronics has released the next generation of its STPay system-on-chip (SoC) payment solution, leveraging state-of-the-art technology to increase contactless performance and protection, reduce power demand, and significantly improve the user experience. A sample of "STPay-Topaz-1", the first
IRVINE, CA, October 11, 2019 – CardLogix is preparing clients for the official release of NXP’s latest generation Java Card OS, JCOP 4, smart cards with custom applet development and existing applet support. CardLogix helps software developers create applets
Infineon OPTIGA™ Trust M improves the security and performance of cloud connected devices and services
SINGAPORE, Sept. 3, 2019 /PRNewswire/ -- Hardware-based trust anchors are key for connected applications and smart services, whether for a robotic arm in the smart factory or automated air conditioning in a private home. The new OPTIGA™ Trust M solution from