README.md 1.9 KB
Newer Older
1
# About this repository
CLAUDEPIERRE Ludovic's avatar
CLAUDEPIERRE Ludovic committed
2

3
4
5
6
7
8
9
10
11
12
13
- This is the source code of TRAITOR (**TRA**nsportable gl**I**tch a**T**tack
  platf**OR**m), a FPGA platform used for fault injection, specifically clock
  glitch fault injection. More details in our paper [1].
- VHDL has been created with Vivado version 2018.3. You should synthetized the
  code with this specific version, or with another one that has been tested :
  2019.2. Both versions produce a working synthesis. Results with other
  versions is unknown.
- FPGA target is the Arty A7-35T [2]
- Attacked device in the paper is the STM32F100RB [3], *a.k.a.*
  STM32F1Discovery-VL
- If you use TRAITOR, please cite our paper [1].
CLAUDEPIERRE Ludovic's avatar
CLAUDEPIERRE Ludovic committed
14

15
# Usage
CLAUDEPIERRE Ludovic's avatar
CLAUDEPIERRE Ludovic committed
16

17
18
19
20
21
22
23
To configure the FPGA, use any software that can communicate on serial port and
use this configuration:
- Baud rate : 115200
- Bits : 8
- Stopbits : 1
- Parity : None
- Flow control : None
CLAUDEPIERRE Ludovic's avatar
CLAUDEPIERRE Ludovic committed
24

25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
Here's the memory layout of the FPGA. Address `0x00` is used for a specific
parameter called **amplitude** (see paper). Each glitch is coded on 8 bytes: 4
bytes for the **delay**, 4 bytes for the **width**. User can encode up to 31
glitches.

|  Variable |    Adresse    |      Value     |   |   |
|:---------:|:-------------:|:--------------:|---|---|
| Amplitude |     `0x00`    |  `[0xE0-0xF0]` |   |   |
|  Delay 1  | `[0x01-0x04]` | User defined   |   |   |
|  Width 1  | `[0x05-0x08]` | User defined   |   |   |
|  Delay 2  | `[0x09-0x0C]` | User defined   |   |   |
|  Width 2  | `[0x0D-0x10]` | Used defined   |   |   |
|    ...    |     ...       |      ...       |   |   |

# References

* [1] Ludovic Claudepierre, Pierre-Yves Péneau, Damien Hardy, Erven Rohou.
  TRAITOR: A Low-Cost Evaluation Platform for Multifault Injection. *In
  International Symposium on Advanced Security on Software and Systems (ASSS)*,
  ACM 2021
* [2] https://www.xilinx.com/products/boards-and-kits/1-elhaap.html
* [3] https://www.st.com/en/microcontrollers-microprocessors/stm32f100rb.html