Corgea LogoCorgea Security Hub

CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI)

Learn about CWE-1319 (Improper Protection against Electromagnetic Fault Injection (EM-FI)), its security impact, exploitation methods, and prevention guidelines.

What is Improper Protection against Electromagnetic Fault Injection (EM-FI)?

• Overview: Improper Protection against Electromagnetic Fault Injection (EM-FI) is a vulnerability where a device is susceptible to attacks using electromagnetic fields to disrupt its normal operation, potentially compromising internal information or bypassing security mechanisms.

• Exploitation Methods:

  • Attackers use a pulse injection circuit to generate a high current transient in an EMI coil, creating a magnetic pulse near the device.
  • Common attack patterns include targeting specific circuits to bypass security checks like secure boot or secure JTAG, and inducing faults in program execution.

• Security Impact:

  • Direct consequences include the bypassing of security mechanisms, leaking sensitive information, and altering program flow.
  • Potential cascading effects can arise from perturbing secure hardware modules, such as random number generators, leading to broader system vulnerabilities.
  • Business impact includes potential data breaches, loss of intellectual property, and damage to brand reputation.

• Prevention Guidelines:

  • Specific code-level fixes are not applicable as this is a hardware-level vulnerability.
  • Security best practices include designing hardware with EM-FI resistance, such as implementing shielded enclosures and using fault detection circuits.
  • Recommended tools and frameworks involve using hardware security testing tools to simulate and detect electromagnetic interference and ensure robust security measures are in place.
Corgea can automatically detect and fix Improper Protection against Electromagnetic Fault Injection (EM-FI) in your codebase. [Try Corgea free today](https://corgea.app).

Technical Details

Likelihood of Exploit: Not specified

Affected Languages: Not Language-Specific

Affected Technologies: System on Chip, Microcontroller Hardware, Memory Hardware, Power Management Hardware, Processor Hardware, Test/Debug Hardware, Sensor Hardware

Vulnerable Code Example

Certainly! Let's refine the code examples to ensure they are clear, realistic, and follow best practices. We'll also correct any formatting issues and provide thorough explanations.

# crypto_module.py {8-12}
import random

class CryptoDevice:
    def __init__(self):
        # Secret key used for encryption
        self.secret_key = random.getrandbits(128)  # Vulnerable to EM-FI attacks due to lack of protection

    def encrypt(self, data):
        # Simple XOR encryption (for example purposes)
        encrypted_data = data ^ self.secret_key
        return encrypted_data

# Example of using the CryptoDevice
device = CryptoDevice()
data = 123456
encrypted_data = device.encrypt(data)
print(f"Encrypted data: {encrypted_data}")

Explanation of Vulnerability:

  • The CryptoDevice class generates a secret key using random.getrandbits(128) and stores it directly in memory.
  • Without protective measures, this key is vulnerable to Electromagnetic Fault Injection (EM-FI) attacks, which can alter the key or the encryption process, potentially exposing sensitive data or bypassing encryption.

How to fix Improper Protection against Electromagnetic Fault Injection (EM-FI)?

To mitigate EM-FI attacks, consider implementing the following strategies:

  1. Shielding and Filtering: Physically shield sensitive components to reduce electromagnetic interference.
  2. Redundancy Checks: Store multiple copies of the key and routinely verify their integrity.
  3. Randomized Execution: Introduce randomness in execution timing or sequence to complicate fault injection attempts.
  4. Error Detection and Correction: Employ error detection codes to identify tampering.
  5. Secure Key Storage: Use hardware security modules (HSMs) or secure enclaves for key storage.

Fixed Code Example

# crypto_module.py {8-10, 16-18, 21-23}
import random

class CryptoDevice:
    def __init__(self):
        # Secure key storage with redundancy
        self.secret_key = [self._generate_secure_key() for _ in range(3)]  # Redundancy added
        self._verify_key_integrity()

    def _generate_secure_key(self):
        # Generate a random 128-bit key
        return random.getrandbits(128)

    def _verify_key_integrity(self):
        # Verify that all redundant keys are identical
        if not all(key == self.secret_key[0] for key in self.secret_key):
            raise Exception("Key integrity compromised!")  # Integrity check

    def encrypt(self, data):
        self._verify_key_integrity()  # Re-check key integrity before each operation
        # Simple XOR encryption
        encrypted_data = data ^ self.secret_key[0]
        return encrypted_data

# Example of using the CryptoDevice
device = CryptoDevice()
data = 123456
encrypted_data = device.encrypt(data)
print(f"Encrypted data: {encrypted_data}")

Explanation of Fix:

  • Redundancy and Integrity Check: The secret key is stored in an array with multiple copies, and their integrity is checked to ensure all are identical. This helps detect any unauthorized alterations due to EM-FI.
  • Key Integrity Verification: Before each encryption operation, the integrity of the secret key is re-verified to detect any faults.
  • These measures enhance the system's resilience against EM-FI attacks by ensuring unauthorized changes to the secret key can be detected promptly.

This improved example provides a clear demonstration of the vulnerability and the fix, following best practices for Python programming.

Corgea Logo

Find this vulnerability and fix it with Corgea

Scan your codebase for CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI) and get remediation guidance

Start for free and no credit card needed.