Devices and methods for the detection and localization of fault injection attacks
地域:
Cesson-Sevigne
摘要
A device for detecting perturbation attacks performed on a digital circuit is provided. The device comprises: a first metallic layer and a second metallic layer arranged on the digital circuit, the first metal layer comprising a plurality of signal transmission lines routed horizontally, the second metal layer comprising a plurality of signal transmission lines routed vertically, the device comprising one or more transmitter buffers and one or more receiver buffers, a transmitter buffer and a receiver buffer being connected by each signal transmission line; a random number generator configured to generate random signal values; the device further comprising a transmitter manager connected to one or more transmitter buffers and a receiver manager connected to one or more receiver buffers, wherein: the transmitter manager is configured to transmit random signal values generated by the random number generator over the signal transmission lines of the first metallic layer and the second metallic layer, the receiver manager is configured to receive random signal values from the transmitter manager through the one or more receiver buffers connected to the receiver manager, measure a transmission time corresponding to a time of transmission of the received random signal values, and compare the transmission time to a predefined timing interval to detect perturbation attacks.
說明書
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
This application is a National Stage of International patent application PCT/EP2019/086519, filed on Dec. 20, 2019, which claims priority to foreign European patent application No. EP 18306753.7, filed on Dec. 20, 2018, the disclosures of which are incorporated by reference in their entirety.
The invention generally relates to digital electronics, and in particular to the detection and localization of fault injection attacks performed on digital circuits.
Digital electronics is used to design digital devices in various systems such as industrial systems, communication systems, computing systems, or security systems. Examples of digital devices comprise computers, smart-phones, tablets, embedded systems, smart devices (e.g. smart cards, tags, Internet of Thing sensors and devices), storage device (e.g. USB sticks and hard-drives), and security devices. Digital devices based on digital circuitry are becoming essential items in several applications such as in aerospace, automotive, energy, health care, and transportation fields.
Digital storage, communication, or computing devices handle digital information in the form of discrete bands of analog levels, and are controlled by control means which use Boolean logic. The hardware part of digital devices generally comprises digital circuits, integrated circuits, and logic gates that operate on digital signals.
權(quán)利要求
The invention claimed is:1. A device for detecting perturbation attacks performed on a digital circuit, wherein the device comprises:a first metallic layer and a second metallic layer arranged on said digital circuit, said first metal layer comprising a plurality of signal transmission lines routed horizontally, said second metal layer comprising a plurality of signal transmission lines routed vertically, the device comprising one or more transmitter buffers and one or more receiver buffers, a transmitter buffer and a receiver buffer being connected by each signal transmission line; a random number generator configured to generate random signal values; the device further comprising a transmitter manager connected to one or more transmitter buffers and a receiver manager connected to one or more receiver buffers, wherein:the transmitter manager is configured to transmit random signal values generated by said random number generator over the signal transmission lines of the first metallic layer and the second metallic layer, said random signal values being transmitted from said one or more transmitter buffers, connected to said transmitter manager, to said one or more receiver buffers connected to said receiver manager, and the receiver manager is configured to receive random signal values from the transmitter manager through said one or more receiver buffers connected to the receiver manager, measure a transmission time corresponding to a time of transmission of said received random signal values, and compare said transmission time to a predefined timing interval to detect perturbation attacks. 2. The device of claim 1 , wherein the device is further configured to localize a detected perturbation attack from the comparison between said transmission time and said predefined timing interval. 3. The device of claim 1 , wherein said predefined timing interval is related to the number of system clock cycles needed to transmit said random signal values through each signal transmission line. 4. The device of claim 3 , said predefined timing interval is represented by a first threshold corresponding to a minimum timing value and a second threshold corresponding to a maximum timing value, said first and second thresholds being determined depending on one or more parameters in the group consisting of a length of the signal transmission lines comprised in the first metallic layer and in the second metallic layer, a temperature, a voltage, and a load of a power supply charging the digital circuit 1. 5. The device of claim 4 , wherein said receiver manager is configured to compare the transmission time to said first threshold and to said second threshold, the receiver manager detecting a perturbation attack if the measured transmission time is lower than said first threshold or if the measured transmission time is higher than said second threshold. 6. The device of claim 5 , wherein said receiver manager uses an internal clock with a frequency higher than the frequency of said system clock, a timing interval represented by a first threshold and a second threshold being defined by the number of internal clock cycles needed to transmit said random signal values through the signal transmission lines. 7. The device of claim 6 , wherein said receiver manager is configured to raise an alarm:if the counter is equal to said second threshold and the random signal values transmitted through said signal transmission lines are different from the updated random signal values stored during said rising edge of system clock, or if the counter is lower than said first threshold and the random signal values transmitted through said signal transmission lines during a current system clock cycle are different from the random signal values transmitted through the signal transmission lines during the preceding system clock cycle, or if the counter is higher than said second threshold and the random signal values transmitted through said signal transmission lines during a current system clock cycle are different from the random signal values transmitted through the signal transmission lines during the preceding system clock cycle, or if the random signal values transmitted through said signal transmission lines change more than two times during one system clock cycle. 8. The device of claim 1 , wherein the random number generator is configured to update said random signal values at each rising edge of a system clock, the transmitter manager being configured to transmit updated random signal values at each rising edge of said system clock. 9. The device of claim 8 , wherein said receiver manager is configured to:receive and store said updated random signal values during each rising edge of said system clock and to initialize a counter at each rising edge of said system clock; increment said counter at each rising edge of the internal clock; compare, at each clock cycle of said internal clock, the counter to said first threshold and said second threshold; read, at each rising edge of said internal clock, random signal values transmitted through the signal transmission lines; compare, at each rising edge of said internal clock, random signal values transmitted through signal transmission lines to stored updated random signal values; and compare, at each rising edge of said internal clock, random signal values transmitted through said signal transmission lines during a current system clock cycle to random signal values transmitted through the signal transmission lines during the precedent system clock cycle. 10. The device of claim 1 , wherein said receiver manager is configured to determine localizations of one or more detected perturbation attacks using at least one signal transmission line routed horizontally and at least one signal transmission line routed vertically. 11. The device of claim 1 , wherein said perturbation attack is one of a power glitch, a system clock tampering, a laser or light injection attack, or an electromagnetic injection attack. 12. The device of claim 1 , wherein said digital circuit is a cryptographic digital circuit comprising at least a sub-circuit configured to perform one or more cryptographic operations chosen in a group comprising data and/or signal encryption and/or decryption, message authentication, and digital signatures. 13. The device of claim 12 , wherein data and/or signal encryption and/or decryption implements one or more of error correcting codes, hash functions, and secret key-based encryption algorithms. 14. The device of claim 13 , wherein a secret key-based encryption algorithm is a symmetric encryption algorithm chosen in a group comprising DES (Data Encryption Standard), 3DES, AES (Advanced Encryption Standard), and RC4 (Rivest Cipher 4), and a secret key-based encryption algorithm is an asymmetric encryption algorithm chosen in a group comprising RSA (Rivest-Shamir-Adleman) and ECDSA (Elliptic Curve Digital Signature Algorithm). 15. A method for detecting perturbation attacks performed on a digital circuit, wherein the method comprises:arranging a first metallic layer and a second metallic layer on said digital circuit, said first metallic layer comprising a plurality of signal transmission lines routed horizontally, said second metallic layer comprising a plurality of signal transmission lines routed vertically, each signal transmission line connecting a transmitter buffer to a receiver buffer; generating random signal values; transmitting, by a transmitter manager, the random signal values over the signal transmission lines of the first metallic layer and the second metallic layer, said random signal values being transmitted from one or more transmitter buffers connected to said transmitter manager, to one or more receiver buffers connected to a receiver manager; receiving said random signal values by said receiver manager; measuring a transmission time corresponding to a time of transmission of said received random signal values and; comparing said transmission time to a predefined timing interval to detect perturbation attacks.
意見反饋
使用該功能遇到問題