This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard
April 2003 (vol. 52 no. 4)
pp. 492-505

Abstract—The goal of the Advanced Encryption Standard (AES) is to achieve secure communication. The use of AES does not, however, guarantee reliable communication. Prior work has shown that even a single transient error occurring during the AES encryption (or decryption) process will very likely result in a large number of errors in the encrypted/decrypted data. Such faults must be detected before sending to avoid the transmission and use of erroneous data. Concurrent fault detection is important not only to protect the encryption/decryption process from random faults. It will also protect the encryption/decryption circuitry from an attacker who may maliciously inject faults in order to find the encryption secret key. In this paper, we first describe some studies of the effects that faults may have on a hardware implementation of AES by analyzing the propagation of such faults to the outputs. We then present two fault detection schemes: The first is a redundancy-based scheme while the second uses an error detecting code. The latter is a novel scheme which leads to very efficient and high coverage fault detection. Finally, the hardware costs and detection latencies of both schemes are estimated.

[1] G. Bertoni, L. Breveglieri, I. Koren, and V. Piuri, “Fault Detection in the Advanced Encryption Standard,” Proc. Conf. Massively Parallel Computing Systems (MPCS '02), pp. 92-97, 2002.
[2] G. Bertoni, L. Breveglieri, I. Koren, P. Maistri, and V. Piuri, “On the Propagation of Faults and Their Detection in a Hardware Implementation of the Advanced Encryption Standard,” Proc. Int'l Conf. Application-Specific Systems, Architectures, and Processors (ASAP '02), pp. 303-312, 2002.
[3] G. Bertoni, L. Breveglieri, I. Koren, P. Maistri, and V. Piuri, “A Parity Code Based Fault Detection for an Implementation of the Advanced Encryption Standard,” Proc. IEEE Int'l Symp. Defect and Fault Tolerance in VLSI Systems (DFT '02), pp. 51-59, 2002.
[4] NIST, “Announcing the ADVANCED ENCRYPTION STANDARD (AES),” Federal Information Processing Standards Publication, no. 197, 26 Nov. 2001.
[5] B. Gladman, “A Specification for Rijndael, the AES Algorithm,” http:/fp.gladman.plus.com/, 2001.
[6] M. Akkar and C. Giraud, “Implementation of DES and AES, Secure against Some Attacks,” Proc. Workshop Cryptographic Hardware and Embedded Systems (CHES '01), pp. 315-325, 2001.
[7] M. McLoone and J.V. McCanny, “High Performance Single-Chip FPGA Rijndael Algorithm Implementations,” Proc. Workshop Cryptographic Hardware and Embedded Systems—CHES 2001, pp. 65-76, 2001.
[8] V. Fischer and M. Drutarovský, “Two Methods of Rijndael Implementation in Reconfigurable Hardware,” Proc. Workshop Cryptographic Hardware and Embedded Systems—CHES 2001, pp. 77-92, 2001.
[9] H. Kuo and I. Verbauwhede, “Architectural Optimization for a 1.82Gbits/Sec VLSI Implementation of the AES Rijndael Algorithm,” Proc. Workshop Cryptographic Hardware and Embedded Systems—CHES 2001, pp. 51-64, 2001.
[10] A. Rudra, P.K. Dubey, C.S. Jutla, V. Kumar, J.R. Rao, and P. Rohatgi, “Efficient Rijndael Encryption Implementation with Composite Field Arithmetic,” Proc. Workshop Cryptographic Hardware and Embedded Systems—CHES 2001, pp. 171-184, 2001.
[11] R. Karri, W. Kaijie, P. Mishra, and K. Yongkook, “Fault-Based Side-Channel Cryptanalysis Tolerant Rijndael Symmetric Block Cipher Architecture,” Proc. Defect and Fault Tolerance in VLSI Systems (DFT '01), pp. 418-426, 2001.
[12] J. Daemen and V. Rijmen, “The Block Cipher Rijndael,” Smart Card Research and Applications, J.-J. Quisquater and B. Schneier, eds., pp. 288-296, Springer-Verlag, 2000.
[13] D. Whiting, B. Schneier, and S. Bellovin, “AES Key Agility Issues in High-Speed IPsec Implementations,” Counterpane Internet Security,http://www.counterpane.comaes-agility.html , 2000.
[14] E. Biham, “A Fast New DES Implementation in Software,” Proc. Int'l Symp. Foundations of Software Eng. (FSE '97), pp. 260-273, 1997.
[15] H. Eberle, “A High-Speed DES Implementation for Network Application,” Proc. Int'l Conf. Cryptology (CRYPTO '92), pp. 521-539, 1993.
[16] R. Lidl and H. Niederreiter,An Introduction to Finite Fields and Their Applications.Cambridge: Cambridge Univ. Press, 1986.
[17] Nat'l Bureau of Standards, “Data Encryption Standard,” US Dept. of Commerce, FIPS pub. no. 46, Jan. 1977.

Index Terms:
Advanced Encryption Standard, AES, fault tolerance, fault detection, parity codes.
Citation:
Guido Bertoni, Luca Breveglieri, Israel Koren, Paolo Maistri, Vincenzo Piuri, "Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard," IEEE Transactions on Computers, vol. 52, no. 4, pp. 492-505, April 2003, doi:10.1109/TC.2003.1190590
Usage of this product signifies your acceptance of the Terms of Use.