故障注入攻击以设备要求低、效果显著逐渐成为芯片攻击的一种有效手段,对集成电路信息安全构成了严重威胁.为了尽早发现集成电路设计中的安全隐患,设计者需要简单有效的方法在设计阶段检测设计的抗故障注入攻击能力.为此,提出一种故障注入攻击软件仿真方法.首先设置3个基本参数生成包含故障数据的控制文件,构建复杂故障模型以模拟各种故障注入攻击技术;然后综合待测电路源码得到网表,在网表中插入采用可综合的硬件描述语言实现的故障注入逻辑得到新网表;再将新网表送入仿真器中仿真,仿真过程中故障注入逻辑自动读取控制文件将故障注入到待测电路中,同时收集待测电路输出;最后评估程序分析收集到的输出数据,给出评估报告.当待测电路提交给仿真系统后,系统自动完成故障注入攻击模拟和安全评估操作,给出待测电路抗故障注入攻击能力评估报告.对AES-128加密电路进行故障注入攻击和差分故障分析的实验结果表明,该方法简单有效;AES-128电路对翻转故障敏感,其输出端口的一些字节更容易出现错误,需要加强防护.%Due to the low requirement of equipment and great effectiveness of attack,fault injection attack (FIA) is becoming an effective means for chip attack,and poses serious threats to the information security of integrated circuits.For early identification of security hazards,circuit designers need a simple and effective method to evaluate the countermeasures of the designs against the FIAs.To address the need,this paper proposed a simulation-based method,which mimics the FIAs on a circuit design.After the circuit under test (CUT) is submitted,the process of mimicking and evaluating is automatically executed and a report on the ability of the CUT against the FIAs is generated.The method set three basic parameters to generate a file named control file containing fault data,in order to build complex fault models and mimic various FIA techniques.After the CUT is synthesized into a netlist,fault injection logic (FIL) implemented using synthesizable hardware describe language is inserted into the netlist.The new netlist is then passed to the simulator,and the FIL automatically reads the control file,injects faults into the CUT and collects the CUT's outputs during simulation.Finally,the evaluation program carries out the evaluation with the collected outputs and gives an evaluation report.The experimental results with various fault injection attacks and differential fault analysis on AES-128 encryption circuit showed the simplicity and effectiveness of the proposed method and reported that AES-128 circuit is sensitive to the flip fault,and certain bytes of the output ports are more prone to attacks and thus need to be protected.
展开▼
