Recent research has shown that fault diagnosis and possibly fault tolerance are important features when implementing cryptographic algorithms by means of hardware devices. In fact, some security attack procedures are based on the injection of faults. At the same time, hardware implementations of cryptographic algorithms, i.e. crypto-processors, are becoming widespread. There is however, only very limited research on implementing fault diagnosis and tolerance in crypto-algorithms. Fault diagnosis is studied for the RC5 crypto-algorithm, a recently proposed block-cipher algorithm that is suited for both software and hardware implementations. RC5 is based on a mix of arithmetic and logic operations, and is therefore a challenge for fault diagnosis. We study fault propagation in RC5, and propose and evaluate the cost/performance tradeoffs of several error detecting codes for RC5. Costs are estimated in terms of hardware overhead, and performances in terms of fault coverage. Our most important conclusion is that, despite its nonuniform nature, RC5 can be efficiently protected by using low-cost error detecting codes.
[1]
Israel Koren,et al.
Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard
,
2003,
IEEE Trans. Computers.
[2]
Enrique Mandado,et al.
Concurrent error detection in block ciphers
,
2000,
Proceedings International Test Conference 2000 (IEEE Cat. No.00CH37159).
[3]
Ronald L. Rivest,et al.
The RC5 Encryption Algorithm
,
1994,
FSE.
[4]
Ramesh Karri,et al.
Fault-based side-channel cryptanalysis tolerant Rijndael symmetric block cipher architecture
,
2001,
Proceedings 2001 IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems.
[5]
Robert H. Deng,et al.
Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults
,
1997,
Security Protocols Workshop.
[6]
Michael Nicolaidis,et al.
Fault-Secure Parity Prediction Booth Multipliers
,
1999,
IEEE Des. Test Comput..