Modern error injection techniques allow an adversary to attack cryptographic devices by inducing errors of any multiplicity. The errors can be induced into every part of the circuit, including to the Finite State Machine (FSM) that controls the execution of cryptographic algorithms. One of the most efficient countermeasures against these attacks are error detecting codes. The codes are usually designed under the assumption that the codewords occur with equal probability. However, in most of the FSMs, some states (which are encoded as binary codewords) are much more probable than others. In this paper we show that when the probability distribution of the states is highly skewed, the state assignment, i.e. the mapping between the states and the codewords, determines the attack detection capability of the codes. The worst case scenario is analyzed and a method that allows the designer to avoid this scenario with a relatively low cost is presented.
|Title of host publication
|1st Workshop on Trustworthy Manufacturing and Utilization of Secure Devices, TRUDEVICE
|Published - 2013