Glitch Attack
What is Glitch Attack?
A fault-injection technique that briefly perturbs voltage or clock signals to make a chip skip instructions or leak cryptographic secrets.
A glitch attack is an active fault-injection technique in which the attacker deliberately disturbs the supply voltage or clock of a microcontroller or secure element for a few nanoseconds to induce a controlled fault. Typical effects include skipping a conditional branch, corrupting a comparison, or producing a faulty signature that, combined with a correct one, yields the private key (differential fault analysis on RSA-CRT or ECDSA). Practitioners use cheap tools such as ChipWhisperer, or laser pulses for more precise, localized faults. Countermeasures include voltage and clock monitors, redundant computation, double-checking of cryptographic results, fault-detecting code paths, randomized delays, and shielded packages compliant with FIPS 140-3 Level 3 or 4.
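The "double-check of cryptographic results" countermeasure applied to RSA-CRT signing, as an added example that is not part of the original glossary entry. The toy primes, the `fault_mask` test hook and all function names are assumptions made for illustration; `m` stands in for an already padded message digest.

```python
# Added example: verify-before-release for RSA-CRT signing.
# Toy parameters (constructed): two Mersenne primes, far too small for real use.
P = 2**61 - 1
Q = 2**31 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent
DP, DQ = D % (P - 1), D % (Q - 1)      # CRT exponents
Q_INV = pow(Q, -1, P)                  # CRT coefficient


class FaultDetected(Exception):
    """Raised instead of releasing a signature that fails verification."""


def crt_sign_unchecked(m, fault_mask=0):
    """Textbook RSA-CRT signing without any result check.

    fault_mask is a hypothetical test hook: it is XORed into the mod-P half
    to model a glitch corrupting one intermediate value.
    """
    s_p = pow(m, DP, P) ^ fault_mask
    s_q = pow(m, DQ, Q)
    h = (Q_INV * (s_p - s_q)) % P      # Garner recombination
    return s_q + h * Q


def crt_sign_checked(m, fault_mask=0):
    """Sign, then verify with the public key; release only on a match."""
    s = crt_sign_unchecked(m, fault_mask)
    if pow(s, E, N) != m % N:
        # A signature that is wrong in only one CRT half must never leave
        # the device, so fail closed instead of returning it.
        raise FaultDetected("signature failed self-verification; not released")
    return s
```

On real hardware the final comparison is itself a branch that can be disturbed, so this check is normally combined with the other countermeasures listed above, such as redundant computation and voltage and clock monitors.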
● Examples
- 01: Pulling VCC low for a few nanoseconds to bypass a secure-boot signature check.
- 02: Glitching an ECDSA signature operation to recover the private key via differential fault analysis.
● Frequently asked questions
What is Glitch Attack?
A fault-injection technique that briefly perturbs voltage or clock signals to make a chip skip instructions or leak cryptographic secrets. It belongs to the Cryptography category of cybersecurity.
How do you defend against Glitch Attack?
Defences for Glitch Attack typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Glitch Attack?
Common alternative names include: Voltage glitching, Clock glitching, Fault injection.
● Related terms
- Power Analysis Attack (cryptography, № 848)
A side-channel attack that recovers secret keys by measuring fluctuations in the power consumption of a cryptographic device during operations.
- TEMPEST Attack (cryptography, № 1139)
Recovery of secret information by capturing unintended electromagnetic, acoustic, or optical emanations from electronic equipment.
- RFID Cloning (cryptography, № 929)
Copying the identifier or cryptographic data of an RFID tag, such as HID Prox or MIFARE Classic, onto another device to impersonate the original badge.
- NFC Relay Attack (cryptography, № 727)
A real-time man-in-the-middle attack that tunnels NFC traffic between a victim's card and a remote reader so the attacker can use the card from a distance.
- Secure Boot (cryptography, № 981)
UEFI feature that verifies the cryptographic signature of every boot component, refusing to launch a bootloader, kernel, or driver not signed by a trusted authority.