Invariance-based concurrent error detection for Advanced Encryption Standard

Naturally occurring and maliciously injected faults reduce the reliability of the Advanced Encryption Standard (AES) and may leak confidential information. We developed an invariance-based concurrent error detection (CED) scheme that is independent of the implementation of AES encryption/decryption. Additionally, we improve the security of our scheme with Randomized CED Round Insertion and adaptive checking. Experimental results show that the invariance-based CED scheme detects all single-bit faults, all single-byte faults, and 99.99999997% of burst faults. The area and delay overheads of this scheme are compared with those of previously reported CED schemes on two Xilinx Virtex FPGAs. The hardware overhead is in the 13.2-27.3% range and the throughput is between 1.8 and 42.2 Gbps, depending on the AES architecture, the FPGA family, and the detection latency. One can implement our scheme in many ways; designers can trade off performance, reliability, and security according to the available resources.
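The abstract describes the scheme only by its properties (implementation-independent, checks an invariant of the round function). The Python below is an added example, not code from the paper or its authors. It implements one AES round over a column-major 16-byte state and uses the cyclic property of the AES round function (Desmedt et al.: rotating the columns of both the state and the round key commutes with the round) as the invariant: the round is computed on the original inputs and on the rotated copy, and the two outputs must agree up to that rotation. That this column-rotation invariant is the one the paper exploits is an assumption; the fault model (a corruption of one datapath's output only), the constructed state and key, and all helper names are likewise mine.

```python
# Added example (not the paper's code). Invariance-based CED for one AES round:
# the round is evaluated on the original state/key and on a column-rotated copy
# of both; the cyclic property of the AES round function means the second result
# must equal the rotated first result, so any disagreement flags a fault.
# Assumption: this column-rotation invariant stands in for the paper's invariant.


def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) with the AES polynomial x^8+x^4+x^3+x+1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def _build_sbox():
    """Derive the AES S-box: multiplicative inverse followed by the affine map."""
    sbox = [0] * 256
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv
        for k in range(1, 5):  # inv ^ rotl1(inv) ^ rotl2(inv) ^ rotl3(inv) ^ rotl4(inv)
            s ^= ((inv << k) | (inv >> (8 - k))) & 0xFF
        sbox[x] = s ^ 0x63
    return sbox


SBOX = _build_sbox()

# State and round key are 16-byte lists in column-major order: the byte at
# (row r, column c) lives at index r + 4*c, as in FIPS-197.


def sub_bytes(s):
    return [SBOX[b] for b in s]


def shift_rows(s):
    # row r is rotated left by r positions
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]


def mix_columns(s):
    out = []
    for c in range(4):
        a0, a1, a2, a3 = s[4 * c:4 * c + 4]
        out += [gf_mul(a0, 2) ^ gf_mul(a1, 3) ^ a2 ^ a3,
                a0 ^ gf_mul(a1, 2) ^ gf_mul(a2, 3) ^ a3,
                a0 ^ a1 ^ gf_mul(a2, 2) ^ gf_mul(a3, 3),
                gf_mul(a0, 3) ^ a1 ^ a2 ^ gf_mul(a3, 2)]
    return out


def add_round_key(s, k):
    return [x ^ y for x, y in zip(s, k)]


def aes_round(s, k):
    """One full AES round (rounds 1..Nr-1); the checker treats it as a black box."""
    return add_round_key(mix_columns(shift_rows(sub_bytes(s))), k)


def rotate_columns(s, n=1):
    """Cyclically move column c to position c-n; bytes inside a column stay put."""
    return [s[4 * ((c + n) % 4) + r] for c in range(4) for r in range(4)]


def ced_round(s, k, round_fn=aes_round, fault=None):
    """Run the round on (s, k) and on the column-rotated copy, then compare.

    `fault` is a constructed test hook: (byte_index, xor_mask) applied to the
    primary datapath's output to model a transient fault there. Returns
    (primary_output, check_passed). The redundant computation reuses the same
    round_fn unchanged, which is what makes the check implementation-independent.
    """
    primary = round_fn(s, k)
    if fault is not None:
        i, mask = fault
        primary[i] ^= mask
    redundant = round_fn(rotate_columns(s), rotate_columns(k))
    return primary, rotate_columns(primary) == redundant


def count_detected_single_byte_faults(s, k):
    """Inject every non-zero mask into every output byte; count the flagged ones."""
    return sum(not ced_round(s, k, fault=(i, m))[1]
               for i in range(16) for m in range(1, 256))


# Constructed sample state and round key (arbitrary bytes, not from the paper).
STATE = list(range(0x10, 0x20))
KEY = list(range(0xA0, 0xB0))

if __name__ == "__main__":
    _, ok = ced_round(STATE, KEY)
    print("fault-free round passes check:", ok)
    _, ok = ced_round(STATE, KEY, fault=(5, 0x40))
    print("single-bit fault detected:", not ok)
    print("single-byte faults detected:",
          count_detected_single_byte_faults(STATE, KEY), "of", 16 * 255)
```

In this model every non-zero corruption of the primary output is caught, because the redundant computation is assumed fault-free; a fault that hits shared logic and corrupts both computations consistently is outside what this snippet exercises, which is where the abstract's burst-fault figure and its Randomized CED Round Insertion come in.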
