Register Transfer Level Concurrent Error Detection in Elliptic Curve Crypto Implementations

In this paper we present a register transfer level (RTL) concurrent error detection (CED) technique targeting hardware implementations of elliptic curve cryptography (ECC). The proposed mixed hardware- and time-redundancy based CED techniques use the mathematical properties of the underlying Galois field as well as the ECC primitives to detect both soft errors and permanent faults with low area overhead. Results for sequential implementations of GF multiplication and inverse operations yielded an area overhead of 30% and a time overhead of 120%.
