Smartcards and flashlights
Ross Anderson
Ross.Anderson at cl.cam.ac.uk
Mon, 09 Sep 2002 12:44:07 +0100
> What I was hoping was that someone on here could explain how flashing a
> light at the cell would help, exactly, since the article's very short on
> details like that. :-)
The full paper is at:
http://www.cl.cam.ac.uk/ftp/users/rja14/faultpap3.pdf
and prototype countermeasures are at:
http://www.cl.cam.ac.uk/ftp/users/rja14/async2002paperV2.pdf
You don't read the memory cells but write them. You can also cause
control faults, such as causing the results of a computation to be
written into two registers rather than one.
With a little cunning this can be used to defeat protection. For
example, many cryptographic algorithms leak their keys if they can
be induced to give wrong answers (an RSA digital signature that is
correct mod p but incorrect mod q leaks p and q directly, and
errors in block ciphers can also be exploited). Attacks on program
control flow have also been used; reduce DES to one round and the
solution's straightforward.
Ross
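
The RSA case mentioned in the message, worked through as an added example (not part of the original message or the linked papers): a CRT signature that is correct mod p but wrong mod q discloses p through one gcd, and verifying the signature before releasing it stops the leak. The toy primes, the function names and the single-bit fault model are assumptions made for illustration.

```python
from math import gcd

# Constructed toy parameters, far too small for real use.
P, Q = 1000003, 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def sign_crt(m, fault_in_q=False):
    """RSA-CRT signature. fault_in_q models one corrupted bit in the mod-q half."""
    sp = pow(m, D % (P - 1), P)
    sq = pow(m, D % (Q - 1), Q)
    if fault_in_q:
        sq ^= 1  # constructed fault: the mod-q result is written back wrong
    # Garner recombination: result is sp mod P and sq mod Q.
    h = (pow(Q, -1, P) * (sp - sq)) % P
    return (sq + Q * h) % N


def factor_from_signature(m, s):
    """gcd(s^e - m, N): N for a correct signature, P for one wrong only mod Q."""
    return gcd((pow(s, E, N) - m) % N, N)


def sign_checked(m, fault_in_q=False):
    """Countermeasure: verify with the public key and withhold a bad result."""
    s = sign_crt(m, fault_in_q)
    if pow(s, E, N) != m % N:
        raise RuntimeError("signature self-check failed; output withheld")
    return s


if __name__ == "__main__":
    m = 123456789  # constructed message representative
    good, bad = sign_crt(m), sign_crt(m, fault_in_q=True)
    print("correct signature gcd:", factor_from_signature(m, good))
    print("faulty signature gcd: ", factor_from_signature(m, bad))
    try:
        sign_checked(m, fault_in_q=True)
    except RuntimeError as exc:
        print("checked signer:", exc)
```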