Software Fault Resistance is Futile: Effective Single-Glitch Attacks

Fault attacks are a serious threat for the secure embedded software running on a wide spectrum of embedded devices. Fault attacks can be thwarted using countermeasures in software. Among them, instruction-level countermeasures provide a fine-grained protection by executing redundant copies of an assembly instruction, and verifying their results for fault detection. It is assumed that this fine-grained security can only be broken by injecting multiple faults with expensive tools. In this work, we break the security of state-of-the-art instruction-level countermeasures by injecting single clock glitches with a low-cost fault injection setup. We first analyze their vulnerabilities by considering micro-architectural aspects such as pipelining effects. Second, we experimentally demonstrate the feasibility of exploiting these vulnerabilities on a SAKURA-G board. Finally, as a case study, we apply a recent biased fault attack on a fault-resistant software implementation of LED block cipher, and retrieve its secret key.