Differential Fault Attacks (DFA) disturb the operation of a smart card through physical means so that the card outputs faulty data. This faulty data can then be used to reveal the card's secret key. Two types of DFA that can be used to break a smart card are glitching and optical fault induction attacks.

Glitching

Glitching is an attack that was used long ago by hackers to break pay-TV smart cards. The method involves applying a glitch (a rapid transient) to the card's clock or power supply. By varying the duration and precise timing of the glitch, the card's processor can be made to execute a number of incorrect instructions. This can cause the secret key to be output and checks of passwords and access rights to be skipped. For example, the following loop is commonly used to output the contents of a limited range of memory to the serial port.

The aim of a glitching attack is to let the program counter increment as usual while corrupting the conditional branch in line 3 or the decrement of variable a in line 6. The attack can then be repeated until the entire contents of memory have been output.

Optical Fault Induction Attack

An optical fault induction attack uses a laser to change the state of a memory cell. When CMOS logic is exposed to an intense light source, the semiconductor becomes ionized, which can cause a new value to be written. The experiment carried out by Skorobogatov used light from a magnified photoflash lamp to successfully change a bit in an SRAM chip. By manipulating the data in the smart card, faulty data can be output. This faulty data can then be used, via the Chinese Remainder Theorem (CRT), to find the card's secret key.

Finding the Secret Key Using CRT

Using the CRT to find the secret key of a public key cryptosystem was first discussed in. Devices that use public key cryptosystems to generate signatures may be attacked so that they inadvertently reveal their secret keys. This is possible if the following conditions hold: the message that was signed is known, a certain type of faulty behavior occurs during signature generation, and the device outputs the faulty signature.

Countermeasures to DFA

There are many ways to make smart cards more resistant to DFAs, by changing the hardware of the card itself or the software run on it. In general, smart cards should have mechanisms that prevent glitching attacks, detect errors at runtime, or check the results of a computation before outputting the data.
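The following is an added example (not code from the original page) that ties the CRT section above to the last countermeasure: a toy RSA-CRT signer in which a single bit of the mod-p half is flipped to simulate an induced fault, the public-key "verify before output" check that refuses to release the faulty signature, and the gcd computation showing why releasing it would leak a prime factor. The prime sizes, exponent and message are constructed assumptions; real keys are far larger.

```python
from math import gcd

# Constructed toy key material (assumed for the example): two small primes
# and the common public exponent. Real RSA keys use primes of 1024+ bits.
P, Q, E = 104729, 1299709, 65537


def make_key(p, q, e):
    """Build the public modulus plus the CRT private parameters."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse; needs Python >= 3.8
    return {"n": n, "e": e, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}


def sign_crt(key, m, fault_bit=None):
    """RSA signature via CRT (Garner recombination).

    fault_bit, when set, flips one bit of the mod-p half-result, simulating
    a glitch or laser fault that corrupts only that computation.
    """
    sp = pow(m, key["dp"], key["p"])
    sq = pow(m, key["dq"], key["q"])
    if fault_bit is not None:
        sp ^= 1 << fault_bit  # simulated transient fault in the mod-p branch
    h = (key["qinv"] * (sp - sq)) % key["p"]
    return sq + h * key["q"]


def sign_checked(key, m, fault_bit=None):
    """Countermeasure: re-verify with the public key before outputting.

    Returns None instead of a signature whenever the check fails, so a
    faulty signature never leaves the device.
    """
    s = sign_crt(key, m, fault_bit)
    if pow(s, key["e"], key["n"]) != m % key["n"]:
        return None
    return s


def factor_from_faulty(n, e, m, s_faulty):
    """Why the check matters: a CRT signature that is correct mod q but
    wrong mod p satisfies s'^e == m (mod q) only, so gcd(s'^e - m, n) = q.
    """
    return gcd((pow(s_faulty, e, n) - m) % n, n)
```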
