US Patent 12003614 Infective countermeasures

The invention proposes a novel type of infective countermeasure against fault injection attacks. Instead of determining the injected error before amplifying it, the novel countermeasure applies the same diffusion function to two intermediate ciphers obtained by executing a cryptographic operation on an input. The error is therefore amplified within the same intermediate ciphers, referred to as infective ciphers after diffusion. It is then possible to use diffusion functions which do not map the cipher 0 as an output equal to 0. A cipher recomposed from bits of undiffused ciphers is also generated. These infective and recomposed ciphers are XOR-combined to provide an output cipher. This approach makes it possible to adapt, by simple duplication of the pairs and associated specific diffusion functions, the protection offered by the countermeasure to a desired number of injected faults.