Issue No.11 - November (2008 vol.57)
pp: 1528-1539
Paolo Maistri , TIMA Laboratory, Grenoble
Régis Leveugle , TIMA Laboratory, Grenoble
ABSTRACT
Differential Fault Analysis (DFA) is one of the most powerful techniques for attacking cryptosystems. Several countermeasures have been proposed, based on either information redundancy or temporal redundancy. In this work, we propose a novel approach based on a Double-Data-Rate (DDR) computation template. A few sample architectures have been implemented; they are compared with other existing architectures and countermeasures, and a thorough dependability analysis is given.
INDEX TERMS
AES, DFA, Fault detection, Redundancy
CITATION
Paolo Maistri, Régis Leveugle, "Double-Data-Rate Computation as a Countermeasure against Fault Analysis", IEEE Transactions on Computers, vol.57, no. 11, pp. 1528-1539, November 2008, doi:10.1109/TC.2008.149