EM2G (EM fault EMulation by local clock Glitches)

Embedded systems are increasingly used to improve performance of secure protocols. Several processors have dedicated instructions to accelerate software implementations, and a hardware coprocessor often improves computational latency and energy efficiency. However, the implementations of cryptographic algorithms are vulnerable to physical attacks, either passive (attacks by auxiliary channels) or active (attacks by faults). These attacks are an important weakness of secure systems, as they are potentially able to nullify the computational complexity of cryptographic algorithms. 

Among physical attacks, the attacks by fault injections are very dangerous, because they allow to circumvent the security with limited resources and little computational effort compared to the analytical attacks. The techniques mostly used are glitching on the clock signal, injections by electromagnetic pulses or by laser: the latter being the most powerful but also the most expensive, one often resorts to glitch injections (which are however global at the circuit level and therefore do not allow to target specific hardware IPs) or to injections by EM pulses, which present characteristics close to those of lasers (high controllability) and also require dedicated hardware. On the other hand, the faults induced by EM pulses can be assimilated to delay faults, like the faults induced by clock glitch, but limited to the region of the circuit that is attacked.

The objective of this project is to propose, evaluate and validate an emulation flow of EM injection attacks using localized clock glitch. To do so, we will: (1) finalize a design flow that allows to inject errors locally by clock glitch on secure architectures, (2) conduct experimental campaigns of fault injections by EM pulses, (3) evaluate the correlation of EM faults with the errors emulated by the developed flow, and (4) evaluate and propose countermeasures adapted to this type of attacks.