{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T07:20:09Z","timestamp":1740122409694,"version":"3.37.3"},"reference-count":28,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2021,11,23]],"date-time":"2021-11-23T00:00:00Z","timestamp":1637625600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2021,11,23]],"date-time":"2021-11-23T00:00:00Z","timestamp":1637625600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100001863","name":"New Energy and Industrial Technology Development Organization","doi-asserted-by":"publisher","award":["JPNP18015"],"award-info":[{"award-number":["JPNP18015"]}],"id":[{"id":"10.13039\/501100001863","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2022,8]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Fault injection attacks (FIA), which cause information leakage by injecting intentional faults into the data or operations of devices, are one of the most powerful methods compromising the security of confidential data stored on these devices. Previous studies related to FIA report that attackers can skip instructions running on many devices through many means of fault injection. Most existing anti-FIA countermeasures on software are designed to secure against instruction skip (IS). On the other hand, recent studies report that attackers can use laser fault injection to manipulate instructions running on devices as they want. Although the previous studies have shown that instruction manipulation (IM) could attack the existing countermeasures against IS, no effective countermeasures against IM have been proposed. This paper is the first work tackling this problem, aiming to construct software-based countermeasures against IM faults. Evaluating program vulnerabilities to IM faults is required to consider countermeasures against IM faults. We propose three IM simulation environments for that aim and compare them to reveal their performance difference. GDB (GNU debugger)-based simulator that we newly propose in this paper outperforms the QEMU-based simulator that we presented in AICCSA:1\u20138, 2020 in advance, in terms of evaluation time at most <jats:inline-formula><jats:alternatives><jats:tex-math>$$\\times$$<\/jats:tex-math><mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                  <mml:mo>\u00d7<\/mml:mo>\n                <\/mml:math><\/jats:alternatives><\/jats:inline-formula>400 faster. Evaluating a target program using the proposed IM simulators reveals that the IM faults leading to attack successes are classified into four classes. We propose secure coding techniques as countermeasures against IMs of each four classes and show the effectiveness of the countermeasures using the IM simulators.<\/jats:p>","DOI":"10.1007\/s10586-021-03438-6","type":"journal-article","created":{"date-parts":[[2021,11,23]],"date-time":"2021-11-23T10:03:08Z","timestamp":1637661788000},"page":"2739-2753","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Constructing software countermeasures against instruction manipulation attacks: an approach based on vulnerability evaluation using fault simulator"],"prefix":"10.1007","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5316-7555","authenticated-orcid":false,"given":"Junichi","family":"Sakamoto","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shungo","family":"Hayashi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daisuke","family":"Fujimoto","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tsutomu","family":"Matsumoto","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,11,23]]},"reference":[{"issue":"2","key":"3438_CR1","doi-asserted-by":"publisher","first-page":"370","DOI":"10.1109\/JPROC.2005.862424","volume":"94","author":"H Bar-El","year":"2006","unstructured":"Bar-El, H., Choukri, H., Naccache, D., Tunstall, M., Whelan, C.: The sorcerer\u2019s apprentice guide to fault attacks. Proc. IEEE 94(2), 370\u2013382 (2006). https:\/\/doi.org\/10.1109\/JPROC.2005.862424","journal-title":"Proceedings of the IEEE"},{"key":"3438_CR2","doi-asserted-by":"publisher","unstructured":"Verbauwhede, I., Karaklajic, D., Schmidt, J.: The fault attack jungle\u2014a classification model to guide you. In: 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 3\u20138. (2011). https:\/\/doi.org\/10.1109\/FDTC.2011.13","DOI":"10.1109\/FDTC.2011.13"},{"key":"3438_CR3","doi-asserted-by":"publisher","unstructured":"Dehbaoui, A., Mirbaha, A.\u00a0P., Moro, N., Dutertre, J.-M., Tria, A.: Electromagnetic glitch on the AES round counter. In: Constructive Side-Channel Analysis and Secure Design, pp. 17\u201331. Springer, Berlin (2013). https:\/\/doi.org\/10.1007\/978-3-642-40026-1_2","DOI":"10.1007\/978-3-642-40026-1_2"},{"key":"3438_CR4","doi-asserted-by":"publisher","unstructured":"Schmidt, J., Herbst, C.: A practical fault attack on square and multiply. In: 2008 5th Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 53\u201358. (2008). https:\/\/doi.org\/10.1109\/FDTC.2008.10","DOI":"10.1109\/FDTC.2008.10"},{"key":"3438_CR5","doi-asserted-by":"publisher","unstructured":"Barenghi, A., Breveglieri, L., Koren, I., Pelosi, G., Regazzoni, F.: Countermeasures against fault attacks on software implemented AES: effectiveness and cost. In: Proceedings of the 5th Workshop on Embedded Systems Security, WESS \u201910. ACM, New York (2010). https:\/\/doi.org\/10.1145\/1873548.1873555","DOI":"10.1145\/1873548.1873555"},{"issue":"3","key":"3438_CR6","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/s13389-014-0077-7","volume":"4","author":"N Moro","year":"2014","unstructured":"Moro, N., Heydemann, K., Encrenaz, E., Robisson, B.: Formal verification of a software countermeasure against instruction skip attacks. J. Cryptogr. Eng. 4(3), 145\u2013156 (2014). https:\/\/doi.org\/10.1007\/s13389-014-0077-7","journal-title":"J. Cryptographic Engineering"},{"key":"3438_CR7","doi-asserted-by":"publisher","unstructured":"Balasch, J., Gierlichs, B., Verbauwhede, I.: An in-depth and black-box characterization of the effects of clock glitches on 8-bit mcus. In: 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC, pp. 105\u2013114. (2011). https:\/\/doi.org\/10.1109\/FDTC.2011.9","DOI":"10.1109\/FDTC.2011.9"},{"key":"3438_CR8","doi-asserted-by":"publisher","unstructured":"Moro, N., Dehbaoui, A., Heydemann, K., Robisson, B., Encrenaz, E.: Electromagnetic fault injection: towards a fault model on a 32-bit microcontroller. In: 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 77\u201388. (2013). https:\/\/doi.org\/10.1109\/FDTC.2013.9","DOI":"10.1109\/FDTC.2013.9"},{"key":"3438_CR9","doi-asserted-by":"publisher","unstructured":"Trichina, E., Korkikyan, R.: Multi fault laser attacks on protected CRT-RSA. In: 2010 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2010, Santa Barbara, California, 21 August 2010, pp. 75\u201386. (2010). https:\/\/doi.org\/10.1109\/FDTC.2010.14","DOI":"10.1109\/FDTC.2010.14"},{"key":"3438_CR10","doi-asserted-by":"publisher","unstructured":"Colombier, B., Menu, A., Dutertre, J.-M., Mo\u00ebllic, P.-A., Rigaud, J.-B., Danger, J.-L.: Laser-induced single-bit faults in flash memory: instructions corruption on a 32-bit microcontroller. In: 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 1\u201310. (2019). https:\/\/doi.org\/10.1109\/HST.2019.8741030","DOI":"10.1109\/HST.2019.8741030"},{"key":"3438_CR11","doi-asserted-by":"publisher","unstructured":"Sakamoto, J., Fujimoto, D., Matsumoto, T.: Laser-induced controllable instruction replacement fault attack. IEICE Trans. Fundam. Electron. Commun. Comput. Sci.  (2020). https:\/\/doi.org\/10.1587\/transfun.2019CIP0028","DOI":"10.1587\/transfun.2019CIP0028"},{"key":"3438_CR12","doi-asserted-by":"publisher","unstructured":"Kumar, D. S., Patranabis, S., Breier, J., Mukhopadhyay, D., Bhasin, S., Chattopadhyay, A., Baksi, A.: A practical fault attack on ARX-like ciphers with a case study on chacha20. In: 2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 33\u201340. (2017). https:\/\/doi.org\/10.1109\/FDTC.2017.14","DOI":"10.1109\/FDTC.2017.14"},{"key":"3438_CR13","doi-asserted-by":"publisher","unstructured":"Kumar, D.S.V., Beckers, A., Balasch, J., Gierlichs, B., Verbauwhede, I.: An in-depth and black-box characterization of the effects of laser pulses on atmega328p. In: Smart Card Research and Advanced Applications, 17th International Conference, CARDIS 2018, vol. 11389 of Lecture Notes in Computer Science, pp. 156\u2013170. Springer (2018). https:\/\/doi.org\/10.1007\/978-3-030-15462-2_11","DOI":"10.1007\/978-3-030-15462-2_11"},{"issue":"2","key":"3438_CR14","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1109\/TDSC.2011.54","volume":"9","author":"A Martinez-Alvarez","year":"2012","unstructured":"Martinez-Alvarez, A., Cuenca-Asensi, S., Restrepo-Calle, F., Palomo Pinto, F.R., Guzman-Miranda, H., Aguirre, M.A.: Compiler-directed soft error mitigation for embedded systems. IEEE Trans. Dependable Secure Comput. 9(2), 159\u2013172 (2012). https:\/\/doi.org\/10.1109\/TDSC.2011.54","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"issue":"6","key":"3438_CR15","doi-asserted-by":"publisher","first-page":"1138","DOI":"10.1109\/TCAD.2008.923234","volume":"27","author":"G Fey","year":"2008","unstructured":"Fey, G., Staber, S., Bloem, R., Drechsler, R.: Automatic fault localization for property checking. IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst. 27(6), 1138\u20131149 (2008). https:\/\/doi.org\/10.1109\/TCAD.2008.923234","journal-title":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems"},{"key":"3438_CR16","doi-asserted-by":"publisher","unstructured":"Sakamoto, J., Hayashi, S., Fujimoto, D., Matsumoto, T.: How to code data integrity verification secure against single-spot-laser-induced instruction manipulation attacks. In:  2020 IEEE\/ACS 17th International Conference on Computer Systems and Applications (AICCSA), pp. 1\u20138. IEEE Computer Society, Los Alamitos (2020). https:\/\/doi.org\/10.1109\/AICCSA50499.2020.9316521","DOI":"10.1109\/AICCSA50499.2020.9316521"},{"key":"3438_CR17","doi-asserted-by":"publisher","unstructured":"Endo, S., Homma, N., Hayashi, Y., Takahashi, J., Fuji, H., Aoki, T.: A multiple-fault injection attack by adaptive timing control under black-box conditions and a countermeasure. In: COSADE, vol. 8622 of Lecture Notes in Computer Science, pp. 214\u2013228. Springer (2014). https:\/\/doi.org\/10.1007\/978-3-319-10175-0_15","DOI":"10.1007\/978-3-319-10175-0_15"},{"key":"3438_CR18","unstructured":"ARM: ARM architecture reference manual Thumb-2 supplement (2015). http:\/\/class.ece.iastate.edu\/cpre288\/resources\/docs\/Thumb-2SupplementReferenceManual.pdf"},{"key":"3438_CR19","doi-asserted-by":"publisher","unstructured":"Yuce, B., Ghalaty, N.\u00a0F., Santapuri, H., Deshpande, C., Patrick, C., Schaumont, P.: Software fault resistance is futile: effective single-glitch attacks. In: 2016 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC, pp. 47\u201358. (2016). https:\/\/doi.org\/10.1109\/FDTC.2016.21","DOI":"10.1109\/FDTC.2016.21"},{"key":"3438_CR20","doi-asserted-by":"publisher","unstructured":"Barenghi, A., Bertoni, G.\u00a0M., Breveglieri, L., Pellicioli, M., Pelosi, G.: Low voltage fault attacks to AES. In: 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 7\u201312. (2010). https:\/\/doi.org\/10.1109\/HST.2010.5513121","DOI":"10.1109\/HST.2010.5513121"},{"key":"3438_CR21","doi-asserted-by":"publisher","unstructured":"Rivi\u00e8re, L., Najm, Z., Rauzy, P., Danger, J.-L., Bringer, J., Sauvage, L.: High precision fault injections on the instruction cache of armv7-m architectures. In: 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 62\u201367. (2015). https:\/\/doi.org\/10.1109\/HST.2015.7140238","DOI":"10.1109\/HST.2015.7140238"},{"key":"3438_CR22","doi-asserted-by":"publisher","unstructured":"Menu, A., Bhasin, S., Dutertre, J.-M., Rigaud, J.-B., Danger, J.-L.: Precise spatio-temporal electromagnetic fault injections on data transfers. In: 2019 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 1\u20138. (2019). https:\/\/doi.org\/10.1109\/FDTC.2019.00009","DOI":"10.1109\/FDTC.2019.00009"},{"key":"3438_CR23","doi-asserted-by":"publisher","unstructured":"Rodriguez, J., Baldomero, A., Montilla, V., Mujal, J.: LLFI: Lateral laser fault injection attack. In: 2019 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 41\u201347. (2019). https:\/\/doi.org\/10.1109\/FDTC.2019.00014","DOI":"10.1109\/FDTC.2019.00014"},{"key":"3438_CR24","doi-asserted-by":"publisher","unstructured":"Beringuier-Boher, N., Lacruche, M., El-Baze, D., Dutertre, J.-M., Rigaud, J.-B., Maurine, P.: Body biasing injection attacks in practice. In: Proceedings of the Third Workshop on Cryptography and Security in Computing Systems, CS2 \u201916, pp. 49\u201354. ACM, New York (2016). https:\/\/doi.org\/10.1145\/2858930.2858940","DOI":"10.1145\/2858930.2858940"},{"key":"3438_CR25","unstructured":"Anderson, R., Kuhn, M.: Tamper resistance: a cautionary note. In: Proceedings of the Second USENIX Workshop on Electronic Commerce\u2014Volume 2, WOEC\u201996, pp. 1\u20131. USENIX Association, Berkeley (1996)"},{"key":"3438_CR26","doi-asserted-by":"publisher","unstructured":"Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Advances in Cryptology\u2014EUROCRYPT \u201997, pp. 37\u201351. Springer, Berlin (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_4","DOI":"10.1007\/3-540-69053-0_4"},{"key":"3438_CR27","doi-asserted-by":"publisher","unstructured":"Giraud, C.: DFA on AES. In: Advanced Encryption Standard\u2014AES, pp. 27\u201341. Springer, Berlin (2005). https:\/\/doi.org\/10.1007\/11506447_4","DOI":"10.1007\/11506447_4"},{"key":"3438_CR28","unstructured":"Witteman, M.: Secure application programming in the presence of side channel attacks (2018). https:\/\/www.riscure.com\/uploads\/2018\/11\/201708_Riscure_Whitepaper_Side_Channel_Patterns.pdf"}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-021-03438-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10586-021-03438-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-021-03438-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,14]],"date-time":"2022-07-14T11:28:05Z","timestamp":1657798085000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10586-021-03438-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,23]]},"references-count":28,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2022,8]]}},"alternative-id":["3438"],"URL":"https:\/\/doi.org\/10.1007\/s10586-021-03438-6","relation":{},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"type":"print","value":"1386-7857"},{"type":"electronic","value":"1573-7543"}],"subject":[],"published":{"date-parts":[[2021,11,23]]},"assertion":[{"value":"23 September 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 September 2021","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 September 2021","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 November 2021","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"Not applicable.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"Not applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}