On the Complexity Reduction of Laser Fault Injection Campaigns using OBIC Measurements
Falk Schellenberg, Markus Finkeldey, Bastian Richter, Maximilian Schäpers, Nils C. Gerhardt, Martin R. Hofmann , Christof Paar
Fault Diagnosis and Tolerance in Cryptography - FDTC 2015, Saint Malo, France, September 13, 2015.
Laser Fault Injection (LFI) is one of the most powerful methods of inducing a fault as it allows targeting only specific areas down to single transistors. The downside compared to non-invasive methods like introducing clock glitches is the largely increased search space. An exhaustive search through all parameters including dimensions for correct timing, intensity, or length might not be not feasible. Existing solutions to this problem are either not directly applicable to the fault location or require additional device preparation and access to expensive equipment. Our method utilizes measuring the Optical Beam Induced Current (OBIC) as imaging technique to find target areas like flip-flops and thus, reducing the search space drastically. This measurement is possible with existing laser scanning microscopes or well-equipped LFI setups. We provide experimental results targeting the Advanced Encryption Standard (AES) hardware accelerator of an Atmel ATXMega microcontroller.[DOI] [pdf]