
Paper 2019/1053

Modeling Memory Faults in Signature and Authenticated Encryption Schemes

Marc Fischlin and Felix Günther

Abstract

Memory fault attacks, which induce errors in computations, have been an ever-evolving threat to cryptographic schemes since Boneh et al. (Eurocrypt 1997) first applied them to cryptography. Initially they required physical tampering with hardware, but the software-based rowhammer attack put forward by Kim et al. (ISCA 2014) also enabled fault attacks through malicious software running on the same host machine. This led to concerning novel attack vectors, for example on deterministic signature schemes, whose approach to avoid dependency on (good) randomness renders them vulnerable to fault attacks. This has been demonstrated in realistic adversarial settings in a series of recent works. However, a unified formalism of different memory fault attacks, one that also allows arguing the security of countermeasures, is still missing. In this work, we suggest a generic extension for existing security models that enables a game-based treatment of cryptographic fault resilience. Our modeling specifies exemplary memory fault attack types of different strength, ranging from random bit-flip faults to differential (rowhammer-style) faults to full adversarial control over indicated memory variables. We first apply our model to deterministic signatures, both to revisit known fault attacks and to establish provable guarantees of fault resilience for proposed fault-attack countermeasures. In a second application to nonce-misuse resistant authenticated encryption, we provide the first fault-attack treatment of the SIV mode of operation and give a provably secure fault-resilient variant.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Major revision. CT-RSA 2020
DOI
10.1007/978-3-030-40186-3_4
Keywords
fault attacks, security model, fault resilience, deterministic signatures
Contact author(s)
marc fischlin @ cryptoplexity de
mail @ felixguenther info
History
2020-01-16: revised
2019-09-18: received
Short URL
https://ia.cr/2019/1053
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/1053,
      author = {Marc Fischlin and Felix Günther},
      title = {Modeling Memory Faults in Signature and Authenticated Encryption Schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1053},
      year = {2019},
      doi = {10.1007/978-3-030-40186-3_4},
      note = {\url{https://eprint.iacr.org/2019/1053}},
      url = {https://eprint.iacr.org/2019/1053}
}