SPFA: SFA on Multiple Persistent Faults
This addresses a security problem for cryptographic systems by enabling attacks with multiple persistent faults, though it is incremental as it builds on prior PFA and SFA methods.
The paper tackles the limitation of Persistent Fault Analysis (PFA) by extending it to handle multiple unknown faults using Statistical Fault Analysis (SFA), resulting in a more general attack called SPFA that can recover secret keys from biased faults in targeted rounds, as verified against LED and AES.
For classical fault analysis, a transient fault is required to be injected during runtime, e.g., only at a specific round. Instead, Persistent Fault Analysis (PFA) introduces a powerful class of fault attacks that allows for a fault to be present throughout the whole execution. One limitation of original PFA as introduced by Zhang et al. at CHES'18 is that the faulty values need to be known to the adversary. While this was addressed at a follow-up work at CHES'20, the solution is only applicable to a single faulty value. Instead, we use the potency of Statistical Fault Analysis (SFA) in the persistent fault setting, presenting Statistical Persistent Fault Analysis (SPFA) as a more general approach of PFA. As a result, any or even a multitude of unknown faults that cause an exploitable bias in the targeted round can be used to recover the cipher's secret key. Indeed, the undesired faults in the other rounds that occur due the persistent nature of the attack converge to a uniform distribution as required by SFA. We verify the effectiveness of our attack against LED and AES.