fa مروری بر حملات القاء خطای گذرا به رمزهای قالبی رمز و امنیت اطلاعات Cryptology and Information Security مروری Review Article <div style="text-align: justify;"><span dir="RTL" lang="AR-SA" style="font-size:11.0pt"><span style="line-height:107%"><span arial="" style="font-family:">ﺣﻤﻼﺕ ﺍﻟﻘﺎﺀ ﺧﻄﺎ ﺩﺳﺘﻪ‌ﺍیﯽ ﺍﺯ ﺣﻤﻼﺕ ﻓﻌﺎﻝ ﺩﺭ ﻣﺪﻝ ﺟﻌﺒﻪ ﺧﺎﮐﺴﺘﺮﯼ ﻫﺴﺘﻨﺪ ﮐﻪ ﺩﺭ ﺁﻥ ﻣﻬﺎﺟﻢ ﺑﺎ ﺩﺳﺘﺮﺳﯽ ﻓﯿﺰیﮑﯽ ﺑﻪ ﺩﺳﺘﮕﺎﻩ ﺭﻣﺰﻧﮕﺎﺭﯼ، ﺑﻪ ﺻﻮﺭﺕ ﻋﻤﺪﯼ ﺧﻄﺎیﯽ ﺑﻪ ﺩﺳﺘﮕﺎﻩ ﺍﻋﻤﺎﻝ ﻣﯽﮐﻨﺪ. ﺍیﻦ ﺧﻄﺎ ﻣﻨﺠﺮ ﺑﻪ ﺗﻐﯿﯿﺮ ﺩﺭ ﻣﻘﺎﺩیﺮ ﻣﯿﺎﻧﯽ ﻭ ﺧﺮﻭﺟﯽ ﺩﺳﺘﮕﺎﻩ ﺷﺪﻩ ﻭﻣﻬﺎﺟﻢ ﺑﺎ ﺗﺤﻠﯿﻞ ﺗﻔﺎﻭﺕﻫﺎﯼ ﺍیﺠﺎﺩﺷﺪﻩ، ﺍﻃﻼﻋﺎﺕ ﺣﺴﺎﺱ ﻣﺎﻧﻨﺪ ﮐﻠﯿﺪ ﺭﻣﺰﻧﮕﺎﺭﯼ ﺭﺍ ﺍﺳﺘﺨﺮﺍﺝ ﻣﯽﮐﻨﺪ. ﺑﻪ ﺩﻟﯿﻞ ﺳﻬﻮﻟﺖ ﺍﺟﺮﺍ ﻭ ﮐﺎﺭﺍیﯽ ﺑﺎﻻ، ﺍیﻦ ﺣﻤﻼﺕ ﺗﻬﺪیﺪﯼ ﺟﺪﯼ ﺑﺮﺍﯼ ﺍﻣﻨﯿﺖ ﭘﯿﺎﺩﻩﺳﺎﺯﯼﻫﺎﯼ ﺭﻣﺰﻧﮕﺎﺭﯼ ﻣﺤﺴﻮﺏ ﻣﯽﺷﻮﻧﺪ ﻭ ﻣﯽﺗﻮﺍﻧﻨﺪ ﺣﺘﯽ ﺳﯿﺴﺘﻢﻫﺎﯼ ﺩﺍﺭﺍﯼ ﻣﮑﺎﻧﯿﺴﻢﻫﺎﯼ ﻣﺤﺎﻓﻈﺘﯽ ﺭﺍ ﻧﯿﺰ ﺗﺤﺖ ﺗﺄﺛﯿﺮ ﻗﺮﺍﺭ ﺩﻫﻨﺪ. ﺭﻭﻧﺪ ﺍﺧﯿﺮ ﻧﺸﺎﻥ ﻣﯽﺩﻫﺪ ﮐﻪ ﻣﯿﺰﺍﻥ ﺗﺤﻘﯿﻘﺎﺕ ﺩﺭ ﺍیﻦ ﺣﻮﺯﻩ ﺑﻪ ﻃﻮﺭ ﻗﺎﺑﻞ ﺗﻮﺟﻬﯽ ﺭﺷﺪ ﮐﺮﺩﻩ ﻭ ﺑﻪ ﻋﻨﻮﺍﻥ یﮏ ﺯﻣﯿﻨﻪ ﺗﺤﻘﯿﻘﺎﺗﯽ ﻓﻌﺎﻝ ﺩﺭ ﻣﺒﺤﺚ ﭘﯿﺎﺩﻩﺳﺎﺯﯼ ﺍﻟﮕﻮﺭیﺘﻢﻫﺎﯼ ﺭﻣﺰﻧﮕﺎﺭﯼ ﺑﻪ ﺣﺴﺎﺏ ﻣﯽﺁیﺪ. ﺍﺯ ﺍیﻦ ﺭﻭ ﻧﯿﺎﺯ ﺑﻪ یﮏ ﻣﻄﺎﻟﻌﻪ ﺟﺎﻣﻊ ﮐﻪ ﺩﺭﺑﺮﮔﯿﺮﻧﺪﻩ ﺣﻤﻼﺕ ﺍﻟﻘﺎﺀ ﺧﻄﺎ ﻭ ﺭﺍﻩﻫﺎﯼ ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﺁﻥ ﺑﺎﺷﺪ، ﺍﺣﺴﺎﺱ ﻣﯽﺷﻮﺩ. ﺩﺭ ﺍیﻦ ﻣﻘﺎﻟﻪ، ﺿﻤﻦ ﻣﻌﺮﻓﯽ ﺣﻤﻠﻪ ﺍﻟﻘﺎﺀ ﺧﻄﺎ، ﺑﻪ ﻭیﮋﮔﯽﻫﺎ، ﻧﻘﺎﻁ ﻗﻮﺕ ﻭ ﺿﻌﻒ ﺍیﻦ ﺣﻤﻠﻪ ﻣﯽﭘﺮﺩﺍﺯیﻢ. ﺳﭙﺲ، ﺩﺭﺍﺩﺍﻣﻪ، ﺭﻭﺵﻫﺎﯼ ﺗﺤﻠﯿﻞ ﺣﻤﻼﺕ ﺭﺍ ﺑﺮﺭﺳﯽ ﻭ ﻣﻘﺎیﺴﻪ ﻣﯽﮐﻨﯿﻢ ﻭ ﺩﺭ ﺍﻧﺘﻬﺎ ﺑﻪ ﺭﻭﺵﻫﺎﯼ ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﺍیﻦ ﺣﻤﻼﺕ ﻣﯽﭘﺮﺩﺍﺯیﻢ.</span></span></span></div> <div style="text-align: justify;">Fault injection attacks are a category of active attacks within the gray-box model, where the attacker, having physical access to the cryptographic device, deliberately introduces an error into the system. This error leads to alterations in the intermediate and output values of the device, allowing the attacker to extract sensitive information, such as cryptographic keys, by analyzing the resulting discrepancies. Due to their ease of execution and high effectiveness, these attacks present a serious threat to the security of cryptographic implementations and can even compromise systems with protective mechanisms in place. Recent trends indicate a significant increase in research within this field, marking it as an active area of study in the context of cryptographic algorithm implementations. Therefore, there is a pressing need for a comprehensive study that encompasses fault injection attacks and their countermeasures. In this paper, we introduce fault injection attacks, discussing their characteristics, strengths, and weaknesses. We then explore and compare various attack analysis methods and conclude by examining strategies to mitigate these attacks.&nbsp;</div> ﺣﻤﻠﻪ ﺍﻟﻘﺎﺀ ﺧﻄﺎ, ﺣﻤﻠﻪ ﻓﻌﺎﻝ, ﺭﻭﺵﻫﺎﯼ ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﺍﻟﻘﺎﺀ ﺧﻄﺎ, ﺍﻗﺪﺍﻡ ﻣﺘﻘﺎﺑﻞ ﺍﻟﻘﺎﺀ ﺧﻄﺎ Fault Attack, Fault Injection, Active Attack, Fault Countermeasures 120 134 http://monadi.isc.org.ir/browse.php?a_code=A-10-248-5&slc_lang=fa&sid=1 Mehdi Farzanegan محمد مهدی فرزانگان m.farzanegan@yahoo.com 10031947532846002167 10031947532846002167 No Cyberspace Research Institute, Shahid Beheshti University, Tehran, Iran ﭘﮋﻭﻫﺸﮑﺪﻩ ﻓﻀﺎﯼ ﻣﺠﺎﺯﯼ، ﺩﺍﻧﺸﮕﺎﻩ ﺷﻬﯿﺪ ﺑﻬﺸﺘﯽ، ﺗﻬﺮﺍﻥ، ﺍیﺮﺍﻥ هادی سلیمانی hadi.soleimany@gmail.com 10031947532846002168 10031947532846002168 Yes Cyberspace Research Institute, Shahid Beheshti University, Tehran, Iran ﭘﮋﻭﻫﺸﮑﺪﻩ ﻓﻀﺎﯼ ﻣﺠﺎﺯﯼ، ﺩﺍﻧﺸﮕﺎﻩ ﺷﻬﯿﺪ ﺑﻬﺸﺘﯽ، ﺗﻬﺮﺍﻥ، ﺍیﺮﺍﻥ