Improving Fault Attacks on Embedded Software Using RISC Pipeline Characterization

A fault attack becomes more efficient when the fault behavior, the response of a device to a fault injection, is precisely understood. In this paper, we present a methodology for fault attacks and their analysis on pipelined RISC processors. For complex hardware structures such as microprocessor pipelines, modeling the fault behavior can become challenging. By analyzing the structure of the RISC pipeline, we obtain insight into the most likely faults, and we are able to pinpoint the most sensitive points during execution of a cryptographic software program. We use this result to apply a recent class of fault injection attacks, so-called biased fault injection attacks, to two different software implementations of AES. Our target microprocessor is a 7-stage pipeline LEON3, mapped into a Spartan6 FPGA. The paper explains the methodology, the fault injection setup, and the fault analysis on the embedded software design of AES. Our results are useful for embedded software designers who have a need to understand the fault attack sensitivity of their implementation, as well as for security engineers who are in charge of improving countermeasures, in hardware or in software, against fault attacks.