Clock Glitch versus SIFA

Abstract

Fault-injection attacks are among the most powerful physical threats to the security of cryptographic implementations. Trivially, protection against such attacks is of main concerns of hardware designers, particularly for the products which need to go through a common-criteria evaluation process. After the introduction of Statistical Ineffective Fault Attack (SIFA), several countermeasures have been introduced aiming at defeating its frightening power of disabling several protection schemes. Here in this work, we consider a set of such recent countermeasures and practically show their susceptibility to SIFA when the faults are injected by clock glitch. We indeed show that when the faults are injected by clock glitch, SIFA can be seen as a generalized form of Fault Sensitivity Analysis (FSA) attack. Although it is usually seen as the most convenient way to inject faults, we argue that countermeasures devoted to SIFA should not be practically examined by clock glitch.