Chinese Academy of Sciences and The Chinese University of Hong Kong, China
Fault Injection Attacks, DFST, Security Evaluation, Quantitative Evaluation, RSA.
Enterprise Information Systems
Information Systems Analysis and Specification
Information Technologies Supporting Learning
Security and Privacy
Fault injection attacks have become a serious threat against cryptographic ICs. However, the traditional security evaluation often demands experienced engineers repeatedly scan the IC under test for a few hours to a few days, and take the workload statistics and experiences as qualitative indexes. This paper proposes a quantitative model to evaluate security based Design for Security Test (DFST), considering both the sensitive time during the algorithm operation and the sensitive area of the cryptographic IC against fault injection attacks. The case study on two RSA implementations demonstrates the feasibility of the quantitative evaluation of security model.