Protection against EEPROM modification attacks

Abstract

In recent work, Anderson and Kuhn described an attack against tamperproof devices wherein a secret key stored in EEPROM is compromised using a simple and low-cost attack. The attacker uses lowcost probes to set individual EEPROM bits to 0 or 1 and observes the effect on the output of the device. These attacks are extremely general, as they apply to virtually any cryptosystem. In this paper we explore high-level design techniques with the goal of providing some degree of protection against these attacks. We describe a cascaded m-permutation protection scheme that uses an (m x n)-bit encoding for an n-bit key and for which the best known attack requires O(nm) probes to compromise the key. Although the attack is of polynomial time complexity, it would be impractical to apply it when the protection scheme uses 5 or more cascaded permutations of a 128-bit key; in particular, in this case, the best known attack requires approximately 3.4 × 109 manual probes.