Study On Secure Design Of FSM State Registers Against Fault Injection Attacks

With the development of the IC industry and the manufacturing industry,cryptographic chips have been widely used in various fields,and they have the ability to protect keys and sensitive information.Only legitimate users can interact with data through the encryption chip.At present,there are various attack schemes attacking the encryption chip to crack the key.These malicious attackers do not need legitimate authorization to get sensitive information.In general,the side-channel attack can be divided into two types,one is passive attack and the other is active attack.Passive attack generally requires attackers to collect a large amount of information and repeat a large number of experiments.The active attack methods abandon the complicated data collection and propose malicious attack on the chip.Among them,the fault injection attack refers to the attacker changing the external environment to introduce faults in the chip.In this paper,the setup time violation fault injection(STVFI)is the main objective.As the core control unit,a finite-state machine(FSM)inside a chip usually coordinates the activities of various signals and implements specific operations.It has hence been explored that the FSM control structure is also susceptible to the fault injection attack(FIA).In general,an attacker typically induces fault in the FSM by establishing setup time violation,which may cause error state transform which causes the intermediate encryption result of the chip to be exposed in advance.Attackers can implement some methods such as overclocking,low voltage supply and heating chips.These attacking means are not only low-cost but also more efficient than light attacks,UV attacks,and focused ion attack which is high cost attack in data paths.Therefore,these fault injection attacks are more threatening to the encryption chip.In this work,a new type of states register in the FSM is proposed.This states registers will detect and correct timing failures.Three parallel master latches are used to detect and correct the timing errors.Three master latches are controlled by different delayed clock signals,the original master latch is controlled by the original clock,the other two latches are controlled by clock signals with 1/2 delay and 3/4 delay.The values latched by the three latches can determine the current state.In order to reduce the area overhead of the entire state registers and the faster switching speed,the optimizedlatch structure is used to build the entire state registers.The transmission gate not only build the latch but also can achieve the function of logic gates such as MUX and XNOR gate.Afterward,the parallel slave latches are added to against the errors which occur in the after 1/2 clock period.The parallel slave latch contains two slave latches which are controlled by the different delayed clock signal respectively.In order to eliminate the hidden vulnerabilities of jitter,a history latch is added to latch the current state earlier to make the error signal ERROR2 stable.Compared to other FSM protection method,the secure state register has a smaller area overhead and do not require additional circuit structure.The state register can detect and correct the every state transform.In this paper,we first propose a new state register structure to resist the fault injection attack.By assigning a parallel latch to the master-slave latch of the status register,the data is acquired under different delays,and then passed.The comparison of the three master latches corrects the erroneous data in the case of timing violations,and achieves the acquisition of correct data in the event of a logical glitch through a three-to-two mechanism.The introduction of the parallel slave latch and the introduction of the history latch enable the acquisition of the status register value under the clock cycle delay in the case of more than 1/2 clock delay.The value of the status register can be checked and corrected when a fault occurs.The timing is superior to the traditional state register design,and the area overhead is superior to other protection schemes for FSM.The entire design overcomes the faults caused by timing violations from a register perspective and prevents a series of subsequent security vulnerabilities due to timing constraint violations from the source.