Can Algorithm Diversity in Stream Cipher Implementation Thwart (Natural and) Malicious Faults?

Hardware implementations of stream and other ciphers are vulnerable to natural faults, and attackers can additionally launch fault attacks on them. Concurrent error detection (CED) is the usual countermeasure against both natural and malicious faults. We propose algorithm diversity (AD), which runs two functionally equivalent but structurally different implementations of the cipher concurrently and compares their outputs, to detect natural and malicious faults in stream ciphers. We compare AD with hardware, time, and information redundancy. Hardware redundancy costs 100% hardware overhead and is not secure against fault attacks, because a fault injected identically into both copies is never flagged. Time redundancy has lower hardware overhead but is vulnerable to faults injected into both the computation and the recomputation. Information redundancy based on parity cannot detect an even number of faulty bits, and information redundancy based on robust codes has a higher fault miss rate (FMR) than AD while also costing more hardware. If a robust code is configured to reach a lower FMR than AD under a given attacker model, its hardware overhead becomes excessively high. AD provides higher security than the existing techniques and enables a cost-effective tradeoff between security, performance overhead, and hardware overhead.
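
The detection principle behind AD, as an added illustration that is not code from the paper: the diverse pair here is assumed to be a 16-bit LFSR with characteristic polynomial x^16 + x^14 + x^13 + x^11 + 1 run in its Fibonacci and Galois configurations, standing in for a full stream cipher; the initial state 0xACE1, the function names and the fault positions are constructed for the example. The block finds the Galois state that matches the Fibonacci one, shows that a fault in one copy is flagged by comparing the two keystreams, and then exercises the abstract's objections to the alternatives: two identical copies never disagree on an identical fault, AD flags only some identical-position flips (its fault miss rate), and a parity bit is blind to an even number of flipped bits.

```python
"""Algorithm diversity (AD) as concurrent error detection for a keystream
generator.  Constructed example: a 16-bit LFSR in its Fibonacci and Galois
configurations (same characteristic polynomial x^16+x^14+x^13+x^11+1).
Their output streams are equal once the initial states are matched, so a
mismatch between the two streams signals a fault in either copy."""
from typing import List, Optional

POLY_MASK = 0xB400   # x^16+x^14+x^13+x^11+1 in the right-shifting Galois form
WIDTH = 16


def fibonacci_lfsr(state: int, n: int) -> List[int]:
    """Fibonacci configuration: one XOR over the taps feeds the top bit."""
    out = []
    for _ in range(n):
        out.append(state & 1)
        fb = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
        state = (state >> 1) | (fb << (WIDTH - 1))
    return out


def galois_lfsr(state: int, n: int) -> List[int]:
    """Galois configuration: the output bit is XORed into several taps at
    once.  Same output sequence as the Fibonacci form, different state."""
    out = []
    for _ in range(n):
        lsb = state & 1
        out.append(lsb)
        state >>= 1
        if lsb:
            state ^= POLY_MASK
    return out


def match_galois_state(fib_state: int) -> Optional[int]:
    """Find the Galois initial state whose stream equals the Fibonacci one.
    Brute force over the 2^16 candidates; 16 output bits single out one."""
    target = fibonacci_lfsr(fib_state, WIDTH)
    for cand in range(1, 1 << WIDTH):
        s = cand
        for t in range(WIDTH):
            if (s & 1) != target[t]:
                break
            lsb = s & 1
            s >>= 1
            if lsb:
                s ^= POLY_MASK
        else:
            return cand
    return None


def ad_detects(fib_state: int, gal_state: int, fib_fault: int,
               gal_fault: int, n: int = 64) -> bool:
    """AD checker: each copy gets its own fault mask XORed into its initial
    state; any keystream mismatch over n bits is flagged."""
    return (fibonacci_lfsr(fib_state ^ fib_fault, n)
            != galois_lfsr(gal_state ^ gal_fault, n))


def dmr_detects(state: int, fault_a: int, fault_b: int, n: int = 64) -> bool:
    """Hardware redundancy with two identical Fibonacci copies."""
    return (fibonacci_lfsr(state ^ fault_a, n)
            != fibonacci_lfsr(state ^ fault_b, n))


def parity_detects(state: int, fault: int) -> bool:
    """One parity bit over the state: only an odd number of flips changes it."""
    parity = lambda v: bin(v).count("1") & 1
    return parity(state ^ fault) != parity(state)


def missed_identical_flips(fib_state: int, gal_state: int,
                           n: int = 64) -> List[int]:
    """Bit positions k where flipping bit k in *both* copies (the attacker's
    'same fault in both' scenario) leaves the streams equal: AD's misses."""
    return [k for k in range(WIDTH)
            if not ad_detects(fib_state, gal_state, 1 << k, 1 << k, n)]


if __name__ == "__main__":
    fib0 = 0xACE1                          # constructed initial state
    gal0 = match_galois_state(fib0)
    assert gal0 is not None
    assert fibonacci_lfsr(fib0, 256) == galois_lfsr(gal0, 256)
    print(f"Galois state matching Fibonacci 0x{fib0:04X}: 0x{gal0:04X}")
    print("AD, fault in one copy:      ", ad_detects(fib0, gal0, 1 << 7, 0))
    print("DMR, same fault in both:    ", dmr_detects(fib0, 1 << 7, 1 << 7))
    print("AD misses identical flips at", missed_identical_flips(fib0, gal0))
    print("parity, two-bit fault:      ", parity_detects(fib0, 0b11 << 4))
```

In this toy the two identical Fibonacci copies miss every one of the 16 identical-position flips, the parity bit misses every even-weight fault, and the diverse pair still misses the flips at bit positions 5 through 15 because, for those positions, the Fibonacci and Galois states happen to encode the same disturbance; that residue is exactly the fault miss rate the abstract weighs against robust codes, and in a real design the diverse pair would be the cipher's own shift registers in two configurations with the comparison run on every clock.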
