Fault Injection

Security

A physical attack technique that deliberately disturbs a smart card chip using voltage glitches, clock glitches, or laser pulses to cause execution errors that bypass security checks.

Also known as: Glitch Attack, Fault Attack

What Is Fault Injection?

Fault injection is a class of physical attack techniques that deliberately disturb a smart card chip's operation to cause execution errors that bypass security checks, skip instructions, or corrupt cryptographic computations. By precisely timed disturbances -- voltage glitches, clock signal manipulation, laser pulses, or electromagnetic pulses -- an attacker can force the chip to behave in unintended ways, potentially extracting secret keys or bypassing authentication logic.

Fault injection is one of the most potent threats in the smart card security model, alongside side-channel attacks such as SPA/DPA power analysis. Resistance to fault injection is a key evaluation criterion in Common Criteria certification and JIL vulnerability scoring.

Attack Techniques

| Technique | Mechanism | Precision |
|---|---|---|
| Voltage glitching | Brief spike or drop on VCC supply | ~10 ns |
| Clock glitching | Extra clock edge or shortened cycle | ~1 clock cycle |
| Laser fault injection | Focused laser on decapped die | ~1 µm spot |
| Electromagnetic fault | EM pulse near chip surface | ~100 µm area |
| Optical fault | Intense light on exposed transistors | Medium |

What Attackers Target

The most valuable fault injection targets on a smart card include:

  • PIN verification loops -- glitching the comparison instruction to make an incorrect PIN appear correct.
  • Signature verification -- corrupting the verification of a code signature to load unauthorized applets.
  • Cryptographic rounds -- inducing a single-bit error during an AES or RSA computation. Differential Fault Analysis (DFA) can then derive the secret key from one correct and one faulted ciphertext.
  • Memory access controls -- skipping access-check instructions to read protected memory areas containing keys or certificates.

Countermeasures

Modern secure elements implement multiple layers of fault detection:

  • Dual-rail logic -- redundant computation paths that detect single-point faults by comparing results.
  • Voltage and clock monitors -- analog sensors that detect glitches and trigger a chip reset or permanent lockout.
  • Instruction flow integrity -- software guards that verify execution order using checksums or sentinel values.
  • Light sensors -- photodiode arrays on the die surface that detect decapsulation and laser illumination.
  • Randomized execution -- inserting random delays and dummy operations to make precise timing attacks infeasible.
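The PIN-verification target and the instruction-flow-integrity countermeasure above can be illustrated together. The following is an added example, not code from this glossary or from any card vendor: a hypothetical PIN comparison that uses sparse, non-zero result codes, a redundant second comparison, and a step counter that must reach a known total. The `skip_mask` parameter is an assumption of the example, used only to model a skipped comparison step so the detection can be exercised; production code would not carry it.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Sparse, non-zero result codes (hypothetical values): a glitch that zeroes
   or saturates a register cannot turn a failed check into PIN_OK. */
#define PIN_OK     0xA5C3u
#define PIN_FAIL   0x5A3Cu
#define PIN_TAMPER 0x0FF0u
#define PIN_LEN    4u

/* Each comparison step adds a distinct token to a flow counter. The expected
   total is fixed, so a skipped or repeated step changes the sum and is
   reported as tampering rather than success (instruction flow integrity). */
static const uint16_t STEP_TOKEN[PIN_LEN] = { 0x11, 0x23, 0x35, 0x47 };
#define EXPECTED_FLOW (0x11u + 0x23u + 0x35u + 0x47u)

/* Constructed sample PINs for the demonstration, not real card data. */
static const uint8_t STORED_PIN[PIN_LEN] = { 1, 2, 3, 4 };
static const uint8_t WRONG_PIN[PIN_LEN]  = { 1, 2, 3, 9 };

/* skip_mask bit i set == "the i-th comparison step was skipped by a fault". */
uint16_t verify_pin(const uint8_t *entered, const uint8_t *stored, uint8_t skip_mask)
{
    uint16_t flow = 0;
    uint8_t diff = 0, diff2 = 0;

    /* Pass 1: no early exit, so timing and flow do not depend on which digit differs. */
    for (size_t i = 0; i < PIN_LEN; i++) {
        if (skip_mask & (1u << i)) continue;          /* simulated skipped step */
        diff |= (uint8_t)(entered[i] ^ stored[i]);
        flow += STEP_TOKEN[i];
    }
    /* Pass 2: independent redundant comparison; a single fault must corrupt both. */
    for (size_t i = 0; i < PIN_LEN; i++)
        diff2 |= (uint8_t)(stored[i] ^ entered[i]);

    if (flow != EXPECTED_FLOW) return PIN_TAMPER;     /* a step was skipped or repeated */
    if (diff != diff2)         return PIN_TAMPER;     /* the two passes disagree */
    if (diff == 0 && diff2 == 0) return PIN_OK;
    return PIN_FAIL;
}

int main(void)
{
    printf("correct PIN:            0x%04X\n", verify_pin(STORED_PIN, STORED_PIN, 0));
    printf("wrong PIN:              0x%04X\n", verify_pin(WRONG_PIN, STORED_PIN, 0));
    printf("wrong PIN, step 3 skip: 0x%04X\n", verify_pin(WRONG_PIN, STORED_PIN, 1u << 3));
    return 0;
}
```

Skipping the one step at which the wrong PIN differs would, in a naive loop, make the PIN appear correct; here it yields PIN_TAMPER because the flow total is short and the two passes disagree.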

Cards certified at EAL 5+ are evaluated against sophisticated fault injection scenarios as part of the JIL attack rating.
