Electromagnetic analysis (EMA) against public-key cryptographic software on an embedded OS is presented in this paper. First, we propose a method for finding an observation point for EMA, where the EM radiation caused by cryptographic operations can be observed with low noise. The basic idea is to find specific EM radiation patterns produced by cryptographic operations given specific input pattern. During the operations, we scan the surface of the target device(s) with a micro magnetic probe. The scan is optimized in advanced using another compatible device that has the same central processing unit (CPU) and OS as the target device. We demonstrate the validity of the proposed EMAs through some EMA experiments with two types of RSA software on an embedded OS platform. The two types of RSA software have different implementations for modular multiplication algorithms: one is a typical and ready-made implementation using BigInteger class on Java standard library, and another is a custom-made implementation based on the Montgomery multiplication algorithm. We conduct experiments of chosen-message EMA using our scanning method, and show such EMAs successfully reveal the secret key of RSA software even under the noisy condition of the embedded OS platform. We also discuss some countermeasures against the above EMAs.

Finite difference time domain (FDTD) method has been accelerated on the Cell Broadband Engine (Cell B.E.). However the problem has arisen that speedup is limited by the bandwidth of the main memory on large-scale analysis. As described in this paper, we propose a novel algorithm and implement FDTD using it. We compared the novel algorithm with results obtained using region segmentation, thereby demonstrating that the proposed algorithm has shorter calculation time than that provided by region segmentation.

This paper proposes a multiple-fault injection attack based on adaptive control of fault injection timing in embedded microcontrollers. The proposed method can be conducted under the black-box condition that the detailed cryptographic software running on the target device is not known to attackers. In addition, the proposed method is non-invasive, without the depackaging required in previous works, since such adaptive fault injection is performed by precisely generating a clock glitch. We first describe the proposed method which injects two kinds of faults to obtain a faulty output available for differential fault analysis while avoiding a conditional branch in a typical recalculation-based countermeasure. We then show that the faulty output can be obtained by the proposed method without using information from the detailed instruction sequence. In particular, the validity of the proposed method is demonstrated through experiments on Advanced Encryption Standard (AES) software with a recalculation-based countermeasure on 8-bit and 32-bit microcontrollers. We also present a countermeasure resistant to the proposed method.

This paper presents a glitchy-clock generator integrated in FPGA for evaluating fault injection attacks and their countermeasures on cryptographic modules. The proposed generator exploits clock management capabilities, which are common in modern FPGAs, to generate clock signal with temporal voltage spike. The shape and timing of the glitchy-clock cycle are configurable at run time. The proposed generator can be embedded in a single FPGA without any external instrument (e.g., a pulse generator and a variable power supply). Such integration enables reliable and reproducible fault injection experiments. In this paper, we examine the characteristics of the proposed generator through experiments on Side-channel Attack Standard Evaluation Board (SASEBO). The result shows that the timing of the glitches can be controlled at the step of about 0.17 ns. We also demonstrate its application to the safe-error attack against an RSA processor.