Authors: Tom Dowling, Adam Duffy

Abstract:

This paper presents an architecture to assist in the development of tools to perform experimental analysis. Existing implementations of tools based on this architecture are also described in this paper. These tools are applied to the real world problem of fault attack emulation and detection in cryptographic algorithms.

Keywords: Software Architectures and Design, Software Componentsand Reuse, Engineering Secure Software.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1078988

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1345

References:

[1] H. Bar-El, H. Choukri, D. Naccache, M. Tunstall, and C. Whelan. The Sorcerer-s Apprentice Guide to Fault Attacks. Workshop on Fault Detection and Tolerance in Cryptography, 2004.
[2] I. Blake, G. Seroussi, and N. Smart. Elliptic Curves in Cryptography. Cambridge University Press, 1st edition, 1999.
[3] D. Boneh, R. A. DeMillo, and R. J. Lipton. On the Importance of Checking Cryptographic Protocols for Faults. Lecture Notes in Computer Science, 1233:37-51, 1997.
[4] J. M. Bull, L. A. Smith, M. D. Westhead, D. S. Henty, and R. A. Davey. A Benchmark Suite for High Performance Java. Concurrency: Practice and Experience, pages 375-388, 2000.
[5] J. M. Bull, L. A. Smith, M. D. Westhead, D. S. Henty, and R. A. Davey. Benchmarking Java Grande Applications. Proceedings of The Second International Conference on The Practical Applications of Java, pages 63-73, 2000.
[6] Z. Chen. Java Card Technology for Smart Cards. Addison-Wesley, 1st edition, 2000.
[7] M. Ciet and M. Joye. Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults. Designs, Codes and Cryptography, 36:33-43, 2005.
[8] J. Devore and R. Peck. Statistics: The Exploration and Analysis of Data. Duxbury Press, 2nd edition, 1993.
[9] T. Dowling and A. Duffy. A Java API for Experimental Analysis of Algorithms. Proceedings of IASTED International Conference of Software Engineering, 2004.
[10] A. Duffy. Experimental Analysis of EDMs in Implementations of Elliptic Curve Cryptography. Technical report, National University of Ireland, Maynooth, 2006. To Appear.
[11] I. R. Forman and N. Forman. Java Reflection in Action. Manning Publications Co., 1st edition, 2004.
[12] E. Gamma, R. Helm, R. Johnson, and J. Vlissides. Design Patterns, Elements of Reusable Object Oriented Software. Addison Wesley, 1st edition, 1994.
[13] M. Goossens, F. Mittelbach, and A. Samarin. The LATEX Companion. Addison-Wesley Professional, 1st edition, 1993.
[14] S. Govindavajhala and A. W. Appel. Using Memory Errors to Attack a Virtual Machine. In IEEE Symposium on Security and Privacy, pages 154-165. Institute of Electrical and Electronics Engineers, Inc., 2003.
[15] P. Hamill. Unit Test Frameworks. O-Reilly, 1st edition, 2004.
[16] M. C. Hsueh, T. K. Tsai, and R. K. Iyer. Fault Injection Techniques and Tools. IEEE Computer, 30(4):75-82, 1997.
[17] B. R. Hunt, R. L. Lipsman, and J. M. Rosenberg. A Guide to Matlab: For Beginners and Experienced Users. Cambridge University Press, 1st edition, 2001.
[18] N. Koblitz. A Course in Number Theory and Cryptography. Springer, 2nd edition, 1994.
[19] P. Kocher, J. Jaffe, and B. Jun. Differential Power Analysis. Advances in Cryptology - Crypto -99, pages 388-397, 1999.
[20] N. Krishnamurthy, V. Jhaveri, and J. A. Abraham. A Design Methodology for Software Fault Injection in Embedded Systems. Proceedings of the IFIP International Workshop on Dependable Computing and its Applications, pages 237-248, 1998.
[21] L. Lamport. LaTeX: A Document Preparation System. Addison-Wesley Professional, 2nd edition, 1994.
[22] N. G. M. Leme, E. Martins, and C. M. F. Rubira. A Software Fault Injection Pattern System. Proceedings of the 8th Conference on Pattern Languages of Programs, 2001.
[23] M. Rebaudengo, M. S. Reorda, M. Torchiano, and M. Violente. Softerror Detection through Software Fault Tolerance Techniques. IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems, pages 210-218, 1999.
[24] M. Spiegel. Theory and Problems of Statistics. McGraw Hill, 2nd edition, 1972.
[25] J. Xu, S. Chen, Z. Kalbarczyk, and R. K. Iyer. An Experimental Study of Security Vulnerabilities Caused by Errors. In IEEE International Conference on Dependable Systems and Networks, pages 421-432. Institute of Electrical and Electronics Engineers, Inc., 2001.