High Speed Clock Glitching

by Santosh Desiraju

Institution: Cleveland State University
Department: Washkewicz College of Engineering
Degree: MSin Electrical Engineering
Year: 2015
Keywords: Electrical Engineering; Engineering; Fault Injection; Clock glitching; Hardware attacks; RSA; High-speed clock; ARM Cortex-M4
Record ID: 2060074
Full text PDF: http://rave.ohiolink.edu/etdc/view?acc_num=csu1424139368


In recent times, hardware security has drawn lot of interest in the research community. With physical proximity to the target devices, various fault injection hardware attack methods have been proposed and tested to alter their functionality and trigger behavior not intended by the design. There are various types of faults that can be injected depending on the parameters being used and the level at which the device is tampered with. The literature describes various fault models to inject faults in clock of the target but there are no publications on overclocking circuits for fault injection. The proposed method bridges this gap by conducting high-speed clock fault injection on latest high-speed micro-controller units where the target device is overclocked for a short duration in the range of 4-1000 ns. This thesis proposes a method of generating a high-speed clock and driving the target device using the same clock. The properties of the target devices for performing experiments in this research are: Externally accessible clock input line and GPIO line. The proposed method is to develop a high-speed clock using custom bit-stream sent to FPGA and subsequently using external analog circuitry to generate a clock-glitch which can inject fault on the target micro-controller. Communication coupled with glitching allows us to check the target’s response, which can result in information disclosure.This is a form of non-invasive and effective hardware attack. The required background, methodology and experimental setup required to implement high-speed clock glitching has been discussed in this thesis. The impact of different overclock frequencies used in clock fault injection is explored. The preliminary results have been discussed and we show that even high-speed micro-controller units should consider countermeasures against clock fault injection.Influencing the execution of Tiva C Launchpad and STM32F4 micro-controller unitshas been shown in this thesis. The thesis details the method used for the testing and the parameters used in the process are included. The implementation and design of the clock-glitch prototype system on the FPGA-clock jitter cleaner platform is discussed in this research. Glitching the execution of high-frequency targets is the goal of this project.