1、I Have Got to Warn You,It Is a Learning Robot:Using DeepLearning Attribution Methods for Fault Injection AttacksKarim M.AbdellatifWhoamiHardware Wallet ManufacturerDonjonLedgers Security Research Team2Hardware attacksFault injection:Perturbing the chip during sensitiveoperations:Power and clock glit
2、chesElectromagnetic fault injection(EMFI)Body biasing injection(BBI)Laser fault injection(LFI)Side-channel:Investing leakages such as EM,power,ortime to perform:Simple power analysis(SPA)Differential power analysis(DPA)Profiling attacks3MotivationWorking on black-box fault injection evaluations take
3、s alot of time.A lot of parameters should brute-forced:Example:BBI or laser fault injection require tuning thefollowing parameters:pulse power,pulse width,vulnerable timing moments,and XY point.Identifying vulnerable timing moments is one of the bigchallenges,especially under the case of countermeas
4、uresthat require injecting multiple faults.Having reverse engineering tools would be very useful in suchevaluations.(BBI attack1)1Donjon,”Breaking A Recent SoCs Hardware AES Accelerator Using Body Biasing Injection”,HW.io 2022.4OutlineDeep Learning in Hardware SecurityDeep Learning Attribution Metho
5、dsPractical Challenge:DS28C36 from Analog DevicesApplying DL Attribution Methods into Fault InjectionToolingConclusion5DEEP LEARNING IN HARDWARE SECURITYDL-based SCAsDL-based SCAs2Several devices for learning and testBetter efficiency in case of countermeasures3DL-based leakage detection4It uses DL
6、attribution methods to detect POIs.Better than classical statistical techniques in case of countermeasures2H.Maghrebi,T.Portigliatti,and E.Prouff.”Breaking cryptographic implementations using deeplearning techniques”,SPACE 2016.3E.Cagli,C.Dumas,and E.Prouff”Convolutional neural networks with data au