On Selection of Modulus of Quadratic Codes for the Protection of Cryptographic Operations against Fault Attacks

Quadratic residue codes are introduced as an effective and efficient fault detection technique to protect cryptographic devices against fault attacks. In this paper, we reconsider these codes in an adversarial model, where a powerful attacker can introduce faults with high precision and accuracy. We present two analysis techniques that can lead to successful attacks against quadratic codes if the modulus is not chosen carefully. We provide an in-depth theoretical analysis that covers a wide range of attacks and present results of practical concern, such as the exact number of undetected faults and effective countermeasures. Our analysis is generic in the sense that it can be extended to other residue codes.
