Abstract: We present an algebraic fault attack (AFA) solver for recovering secret bits from hardware implementations of the SHA family of hash functions. The crucial insight in our method is the use of SHA-specific propagation and conflict-analysis methods in the inner loop of a Boolean conflict-driven clause-learning (CDCL) SAT solver, à la the DPLL(T) paradigm. In our method the fault-injected part of the hash function is translated into a Boolean formula (which is then fed as input to the SAT solver), while the rest is encoded via a programmatic interface as part of the SAT solver's propagation and conflict-analysis routines. Such an approach enables the addition of learnt clauses to the SAT solver in an on-demand and lazy fashion. We evaluated our tool under a variety of fault models and showed that we can recover the secret bits faster and with far fewer injected faults than the previous best work. AFA is a powerful way of empirically verifying the strength of a cryptographic function's implementation.