Issue No.05 - September/October (2005 vol.3)
David Naccache , Departement d'Informatique, Ecole Normale Superieure, Paris, France
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2005.122
The injection of an error can, in fact, cause the leakage of confidential information. Often, the only way to attack strong cryptographic implementations is to attack the infrastructure upon which they are built. This infrastructure is most often the underlying operating system or middleware, but attacks can also be mounted directly against the hardware upon which the cryptographic implementation is being run. This issue's Crypto Corner describes some of the methods used to induce faults in systems and explains how such faults can be exploited to reveal secret information.
fault tolerance, fault injection, error
David Naccache, "Finding Faults", IEEE Security & Privacy, vol.3, no. 5, pp. 61-65, September/October 2005, doi:10.1109/MSP.2005.122