SCRAMBLE-CFI: Mitigating Fault-Induced Control-Flow Attacks on OpenTitan. (arXiv:2303.03711v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Secure elements physically exposed to adversaries are frequently targeted by
fault attacks. These attacks can be utilized to hijack the control flow of
software, allowing the attacker to bypass security measures, extract sensitive
data, or gain full code execution. In this paper, we systematically analyze the
threat vector of fault-induced control-flow manipulations on the open-source
OpenTitan secure element. Our thorough analysis reveals that current
countermeasures of this chip either induce large area overheads or still cannot
prevent the attacker from exploiting …