High Precision Laser Fault Injection using Low-cost Components. / Kelly, Martin; Mayes, Keith.

2020. 1-10 Paper presented at IEEE International Symposium on Hardware Oriented Security and Trust, San Jose, United States.

Research output: Contribution to conferencePaper

Forthcoming

Documents

  • Accepted Manuscript

    Rights statement: © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

    Accepted author manuscript, 719 KB, PDF document

Abstract

This paper demonstrates that it is possible to execute
sophisticated and powerful fault injection attacks on microcontrollers
using low-cost equipment and readily available components.
Earlier work had implied that powerful lasers and high
grade optics frequently used to execute such attacks were being
underutilized and that attacks were equally effective when using
low-power settings and imprecise focus.
This work has exploited these earlier findings to develop a lowcost
laser workstation capable of generating multiple discrete
faults with timing accuracy capable of targeting consecutive
instruction cycles. We have shown that the capabilities of this
new device exceed those of the expensive laboratory equipment
typically used in related work.
We describe a simplified fault model to categorize the effects
of induced errors on running code and use it, along with the
new device, to reevaluate the efficacy of different defensive coding
techniques. This has enabled us to demonstrate an efficient hybrid
defense that outperforms the individual defenses on our chosen
target.
This approach enables device programmers to select an appropriate
compromise between the extremes of undefended code
and unusable overdefended code, to do so specifically for their
chosen device and without the need for prohibitively expensive
equipment. This work has particular relevance in the burgeoning
IoT world where many small companies with limited budgets
are deploying low-cost microprocessors in ever more security
sensitive roles.
Original languageEnglish
Pages1-10
Number of pages10
Publication statusAccepted/In press - 13 Feb 2020
EventIEEE International Symposium on Hardware Oriented Security and Trust - Double Tree by Hilton, San Jose, United States
Duration: 6 Dec 20209 Dec 2020
http://www.hostsymposium.org/

Conference

ConferenceIEEE International Symposium on Hardware Oriented Security and Trust
Abbreviated titleHOST
CountryUnited States
CitySan Jose
Period6/12/209/12/20
Internet address

ID: 38226450