Transient IEMI Threats for Cryptographic Devices

This paper presents a new type of intentional electromagnetic interference (IEMI) which causes information leakage in electric devices without disrupting their functions or damaging their components. Such IEMI could pose a severe threat to a large number of electric devices with cryptographic modules since it can be used for performing fault injection attacks, which in turn allows for obtaining faulty outputs (i.e., ciphertexts) from cryptographic modules and exploiting them to reveal information about secret keys. Such faulty outputs are usually generated by inducing faults into target modules through modification or invasion of the modules themselves. In contrast, IEMI-based fault injection can be performed on the target modules from a distance by using an off-the-shelf injection probe, without leaving any hard evidence of the attack. We demonstrate the impact of the aforementioned IEMI through experiments using the Advanced Encryption Standard, which is one of the ISO/IEC 18033 block ciphers, implemented as a module on a standard evaluation board. The experimental results indicate that generating exploitable faults is feasible and, therefore, such IEMI presents a tangible threat to various existing electric devices and systems that use cryptographic modules for secure communication and transactions.