An efficient hardware-based fault diagnosis scheme for AES: performances and cost

Since standardization in 2001, the Advanced Encryption Standard has been the subject of many research efforts, aimed at developing efficient hardware implementations with reduced area and latency. So far, reliability has not been considered a primary objective. Recently, several error detecting schemes have been proposed in order to provide some defense against hardware faults in AES. The benefits of such schemes are twofold: avoiding wrong outputs when benign hardware faults occur, and preventing the collection of information about the secret key through malicious injection of faults. In this paper, we present a complete scheme for parity-based fault detection in a hardware implementation of the Advanced Encryption Standard which includes a key schedule unit. We also provide a preliminary evaluation of the hardware and latency overhead of the proposed scheme.

[1]  Ramesh Karri,et al.  Parity-based concurrent error detection in symmetric block ciphers , 2003, International Test Conference, 2003. Proceedings. ITC 2003..

[2]  Patrick Schaumont,et al.  Design and performance testing of a 2.29-GB/s Rijndael processor , 2003, IEEE J. Solid State Circuits.

[3]  Christophe Giraud,et al.  An Implementation of DES and AES, Secure against Some Attacks , 2001, CHES.

[4]  Harald Niederreiter,et al.  Introduction to finite fields and their applications: Preface , 1994 .

[5]  Jean-Didier Legat,et al.  Efficient Implementation of Rijndael Encryption in Reconfigurable Hardware: Improvements and Design Tradeoffs , 2003, CHES.

[6]  Israel Koren,et al.  Detecting and locating faults in VLSI implementations of the Advanced Encryption Standard , 2003, Proceedings 18th IEEE Symposium on Defect and Fault Tolerance in VLSI Systems.

[7]  Ramesh Karri,et al.  Fault-based side-channel cryptanalysis tolerant Rijndael symmetric block cipher architecture , 2001, Proceedings 2001 IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems.

[8]  Robert H. Deng,et al.  Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults , 1997, Security Protocols Workshop.

[9]  Brian R. Gladman A Specification for Rijndael, the AES Algorithm , 2001 .

[10]  Israel Koren,et al.  Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard , 2003, IEEE Trans. Computers.

[11]  Akashi Satoh,et al.  A Compact Rijndael Hardware Architecture with S-Box Optimization , 2001, ASIACRYPT.

[12]  Akashi Satoh,et al.  A 10 Gbps full-AES crypto design with a twisted-BDD S-Box architecture , 2002, Proceedings. IEEE International Conference on Computer Design: VLSI in Computers and Processors.

[13]  Ramesh Karri,et al.  Parity-Based Concurrent Error Detection of Substitution-Permutation Network Block Ciphers , 2003, CHES.

[14]  Kris Gaj,et al.  Very Compact FPGA Implementation of the AES Algorithm , 2003, CHES.

[15]  William Stallings,et al.  THE ADVANCED ENCRYPTION STANDARD , 2002, Cryptologia.

[16]  Christophe Giraud,et al.  DFA on AES , 2004, AES Conference.