FISSC: the Fault Injection and Simulation Secure Collection
A collection of C codes with countermeasures against fault injections associated to attack scenarios.
This collection has been initiated during the Sertif project (Simulation for the Evaluation of Robustness of embedded Applications against Fault injection), a project funded by the call ANR-DGA ASTRID 2014 (project ANR-14-ASTR-0003-01). Link on the Sertif project
The FISCC collection is actually maintained by Vérimag. Attacks are produced by our tool Lazart.
We present FISSC, the first public code collection dedicated to fault injection robustness evaluation. Applications are hardened against fault injections by the way of countermeasures, allowing to abort the execution or infect observable results. Crafting applications robust against fault injections, and evaluating this robustness, is an open problem for all actors of the secure application development life cycle. For instance developpers and evaluators have to evaluate the accuracy of a set of countermeasures with respect to assets to be protected. In order to assist this process, some tools have been developed. The major difficulty for these tools is the absence of representative codes and criteria to evaluate or compare obtained results. The FISSC collection is the first public response to this problem.
We aim to:
- Provide a common set of representative secure applications that can be hardened against fault injection.
- Provide an inventory of classical countermeasures illustrated through examples allowing to evaluate the accuracy of these countermeasures.
- Provide a methodology for analyzing and comparing the results of a robustness evaluation campaign.
This way we provide developers and evaluators with the means to quantify and qualify the robustness of code examples and to analyze the effectiveness and relevance of countermeasures in hardened code.
The benchmark is available : here.
APP link here.
If you are using it, Please cite FISSC :
L. Dureuil, G. Petiot, M.-L. Potet, T.-H. Le, A.
Crohen, Ph. de Choudens.
FISSC: a Fault Injection and Simulation Secure Collection.
In International Conference on Computer Safety, Reliability and Security (SAFECOMP), 2016.
pdf et bibtex
Results on an example
Here is an example of verify-pin with attacks against authentication. We aim a maximum of 4 faults:
- the source code: Verify-pin2
- number of founded attacks : out.txt
- attacks scenarios:
fault_graph_appli_1_test_test000011.replay.pdf (with a single fault injection)
fault_graph_appli_1_test_test000012.replay.pdf (with a single fault injection)
fault_graph_appli_2_test_test000006.replay.pdf (with a double fault injection)
fault_graph_appli_4_test_test000017.replay.pdf (with four fault injections)
We simply have a directory for shared files, containing the definition of common types and functions, and a directory for each secure application.
Each example (e.g. aes_addRoundKey_cpy) has its own directory, containing a Makefile, an include directory and a source directory. In the source directory:
- code.c defines the function under analysis (e.g. a function verifying a PIN code);
- countermeasure.c defines the countermeasure function, setting a flag to indicate that an attack has been detected;
- initialize.c setups the variables of the program;
- oracle.c defines the oracle determining whether an attack is successful;
- main.c defines the main function that calls the function under analysis and checks the oracle.
The main() function returns 1 if the oracle is verified, 0 otherwise.
For now the available exemples in the collection are:
- aes_addRoundKey_cpy: where we are looking for attacks disrupting the copy of the key
- VerifyPIN with hardened bools
- VerifyPIN with hardened bools and fixed-time loop
- VerifyPIN with hardened bools, fixed-time loop and inlined function
- VerifyPIN with hardened bools, and fixed-time loop, inlined function, PTC decremented first, PTC backup and loop counter
- VerifyPIN with hardened bools, fixed-time loop, PTC decremented first and double call
- VerifyPIN with hardened bools, fixed-time loop, inlined call, PTC decremented first and double test
- VerifyPIN with hardened bools, fixed-time loop, inlined call, PTC decremented first, double test and step counter
- VerifyPIN with hardened bools and control-flow integrity
- VerifyPIN with hardened bools, fixed-time loop, inlined call, PTC decremented first, double test, step counter and control-flow integrity
- GetChallenge with hardened bools, virtual stack, double arguments, step counter and loop counter
- CRT-RSA with Aumuller countermeasure
- CRT-RSA with Shamir countermeasure
For each version of VerifyPIN, we are looking for attacks:
- leading to a successful authentication with an erroneous PIN
- leading to a non-decrement of the try counter in case of a failed authentication
For each example, results are provided in a directory named results. Each result directory contains:
- .pdf files displaying high-level attack scenarios.
- .out files containing details about the input and the trace of each attack
You can redistribute FISSC and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software
Foundation, version 3.0.
It is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Lesser General Public License version 3.0
for more details (enclosed in the file LICENSE).
FISSC is filed with "Agence pour la Protection des Programmes".
deposit: IDDN 1 .FR 2 .001 3 .460039 4 .000 5 .S 6 .P 7 .2021 8 .000 9 .10000 10000
If you are interested to contribute (with new examples or adding results of new tools to existing examples) do not hesitated to contact us.