Clock Fault Injection Attack On AES And Countermeasures

With the popularization of the computer network and the development of the communication technology,the demand for information security is increasing and the cryptographic algorithm is widely used in a variety of devices.However,the cryptographic algorithm can not secure these devices absolutely.Fault injection attack could get the secret key by injecting faults into the encryption process and analyzing the faulty encryption results.The implementation cost of the fault injection attack is not high,but the success rate of the attack is high,so the attack poses a great threat to the security of the cryptographic device.This paper presents a clock fault injection attack scheme for AES encryption algorithm,which includes the fault attack method and the fault injection technique.We compared and improved the existing methods of fault attack,and proposed a new attack method to recover the secret key by using the faulty ciphertexts.This method only requires the injection time of the faults,and there is no limit to the number of faulty bytes.By adding a glitch in a specified cycle of the clock signal,the timing constraint of the cryptographic circuit is violated and the output ciphertext is faulty.We designed a clock glitch generation circuit.In order to attack AES in practice,this paper also designs an attack experimental platform.The experimental platform uses the FPGA development board to achieve the AES encryption algorithm,uses an external clock signal to generate the clock glitch,uses a personal computer to deal with data.In this paper,the software simulation and actual attack experiments were achieved.The software simulation attack was implemented in the Visual C++6.0 development environment,and the experimental results prove the correctness of the fault model and fault attack method.The actual attack was actualized on the experimental platform designed in this paper.,the experimental results show that if the frequency of the clock glitch is set appropriately,only 6 faulty ciphertexts are necessary to discover the secret key.Some countermeasures against the attack are then suggested.