Instruction duplication: Leaky and not too fault-tolerant!

Lucian Cojocar, Kostas Papagiannopoulos, Niek Timmers

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Fault injection attacks alter the intended behavior of micro-controllers, compromising their security. These attacks can be mitigated using software countermeasures. A widely-used software-based solution to deflect fault attacks is instruction duplication and n -plication. We explore two main limitations with these approaches: first, we examine the effect of instruction duplication under fault attacks, demonstrating that as fault tolerance mechanism, code duplication does not provide a strong protection in practice. Second, we show that instruction duplication increases side-channel leakage of sensitive code regions using a multivariate exploitation technique both in theory and in practice.

Original languageEnglish
Title of host publicationSmart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers
PublisherSpringer/Verlag
Pages160-179
Number of pages20
ISBN (Electronic)9783319752082
ISBN (Print)9783319752075
DOIs
Publication statusPublished - 2018
Event16th International Conference on Smart Card Research and Advanced Applications, CARDIS 2017 - Lugano, Switzerland
Duration: 13 Nov 201715 Nov 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10728 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference16th International Conference on Smart Card Research and Advanced Applications, CARDIS 2017
CountrySwitzerland
CityLugano
Period13/11/1715/11/17

Fingerprint

Duplication
Fault-tolerant
Fault Attacks
Fault tolerance
Attack
Fault Injection
Controllers
Software
Microcontroller
Countermeasures
Fault Tolerance
Leakage
Exploitation
Side channel attack

Cite this

Cojocar, L., Papagiannopoulos, K., & Timmers, N. (2018). Instruction duplication: Leaky and not too fault-tolerant! In Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers (pp. 160-179). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10728 LNCS). Springer/Verlag. https://doi.org/10.1007/978-3-319-75208-2_10
Cojocar, Lucian ; Papagiannopoulos, Kostas ; Timmers, Niek. / Instruction duplication : Leaky and not too fault-tolerant!. Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers. Springer/Verlag, 2018. pp. 160-179 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{f43e98c549484cffacc5e14ac00185cd,
title = "Instruction duplication: Leaky and not too fault-tolerant!",
abstract = "Fault injection attacks alter the intended behavior of micro-controllers, compromising their security. These attacks can be mitigated using software countermeasures. A widely-used software-based solution to deflect fault attacks is instruction duplication and n -plication. We explore two main limitations with these approaches: first, we examine the effect of instruction duplication under fault attacks, demonstrating that as fault tolerance mechanism, code duplication does not provide a strong protection in practice. Second, we show that instruction duplication increases side-channel leakage of sensitive code regions using a multivariate exploitation technique both in theory and in practice.",
author = "Lucian Cojocar and Kostas Papagiannopoulos and Niek Timmers",
year = "2018",
doi = "10.1007/978-3-319-75208-2_10",
language = "English",
isbn = "9783319752075",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer/Verlag",
pages = "160--179",
booktitle = "Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers",

}

Cojocar, L, Papagiannopoulos, K & Timmers, N 2018, Instruction duplication: Leaky and not too fault-tolerant! in Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10728 LNCS, Springer/Verlag, pp. 160-179, 16th International Conference on Smart Card Research and Advanced Applications, CARDIS 2017, Lugano, Switzerland, 13/11/17. https://doi.org/10.1007/978-3-319-75208-2_10

Instruction duplication : Leaky and not too fault-tolerant! / Cojocar, Lucian; Papagiannopoulos, Kostas; Timmers, Niek.

Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers. Springer/Verlag, 2018. p. 160-179 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10728 LNCS).

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

TY - GEN

T1 - Instruction duplication

T2 - Leaky and not too fault-tolerant!

AU - Cojocar, Lucian

AU - Papagiannopoulos, Kostas

AU - Timmers, Niek

PY - 2018

Y1 - 2018

N2 - Fault injection attacks alter the intended behavior of micro-controllers, compromising their security. These attacks can be mitigated using software countermeasures. A widely-used software-based solution to deflect fault attacks is instruction duplication and n -plication. We explore two main limitations with these approaches: first, we examine the effect of instruction duplication under fault attacks, demonstrating that as fault tolerance mechanism, code duplication does not provide a strong protection in practice. Second, we show that instruction duplication increases side-channel leakage of sensitive code regions using a multivariate exploitation technique both in theory and in practice.

AB - Fault injection attacks alter the intended behavior of micro-controllers, compromising their security. These attacks can be mitigated using software countermeasures. A widely-used software-based solution to deflect fault attacks is instruction duplication and n -plication. We explore two main limitations with these approaches: first, we examine the effect of instruction duplication under fault attacks, demonstrating that as fault tolerance mechanism, code duplication does not provide a strong protection in practice. Second, we show that instruction duplication increases side-channel leakage of sensitive code regions using a multivariate exploitation technique both in theory and in practice.

UR - http://www.scopus.com/inward/record.url?scp=85041727391&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85041727391&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-75208-2_10

DO - 10.1007/978-3-319-75208-2_10

M3 - Conference contribution

SN - 9783319752075

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 160

EP - 179

BT - Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers

PB - Springer/Verlag

ER -

Cojocar L, Papagiannopoulos K, Timmers N. Instruction duplication: Leaky and not too fault-tolerant! In Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017,Revised Selected Papers. Springer/Verlag. 2018. p. 160-179. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-75208-2_10