Information Leakage Threats for Cryptographic Devices Using IEMI and em Emission

In this paper, we present a new information leakage threat combining intentional electromagnetic interference (IEMI) and observations of EM leakage. In previous studies, the analysis of secret key information in cryptographic modules using fault injection has led to methods whereby faults can be injected via low-voltage IEMI. However, the timing of fault injections cannot be controlled with this approach, and it is difficult to obtain faulty ciphertexts for use in secret key analysis by differential fault analysis (DFA). To overcome this problem, we propose a method for estimating the fault-injection timing by detecting characteristic fluctuations in the EM leakage from the device. As a result, it may be possible to implement a realistic secret information analysis method applicable to a wide range of devices. First, to show the feasibility of the proposed method, we describe an experiment using an on-chip fault-injection circuit that can control the injection timing. Furthermore, we apply a fault analysis method that combines the injection timing estimation method and fault injection by IEMI in a practical experimental environment. We select useful faulty ciphertexts using the proposed method, and then perform secret key analysis by DFA. Experimental results demonstrate that the secret key can be successfully analyzed.