Key points are not available for this paper at this time.
Fault attacks are one of the most powerful forms of cryptanalytic attack on embedded systems, which can corrupt a cipher’s operations leading to a breach of confidentiality and integrity. A single precisely injected fault during the execution of a cipher can be exploited to retrieve the secret key in a few milliseconds. Naive countermeasures introduced into implementation can lead to huge overheads, making them unusable in resource-constraint environments. However, optimized countermeasures require significant knowledge, not only about the attack but also on the the cryptographic properties of the cipher, the program structure, and the underlying hardware architecture. This makes the protection against fault attacks tedious and error prone. In this article, we introduce FortiFix , the first automated compiler framework that can detect and patch fault exploitable regions in a block cipher implementation. The framework has two phases. The pre-compilation phase identifies regions in the source code of a block cipher that are vulnerable to fault attacks. The second phase is incorporated as transformation passes in the LLVM compiler to find exploitable instructions, quantify the impact of a fault on these instructions, and finally insert appropriate countermeasures based on user-defined security requirements. As a proof of concept, we have evaluated two block cipher implementations, AES-128 and CLEFIA-128, on three different hardware platforms: MSP430 (16-bit), ARM (32-bit), and RISCV (32-bit).
Keerthi et al. (Fri,) studied this question.