Subscribe
Issue No.05 - May (2010 vol.59)
pp: 608-622
Mehran Mozaffari-Kermani , The University of Western Ontario, London, Ontario, Canada
Arash Reyhani-Masoleh , The University of Western Ontario, London, Ontario, Canada
ABSTRACT
The Advanced Encryption Standard (AES) has been lately accepted as the symmetric cryptography standard for confidential data transmission. However, the natural and malicious injected faults reduce its reliability and may cause confidential information leakage. In this paper, we study concurrent fault detection schemes for reaching a reliable AES architecture. Specifically, we propose low-cost structure-independent fault detection schemes for the AES encryption and decryption. We have obtained new formulations for the fault detection of SubBytes and inverse SubBytes using the relation between the input and the output of the S-box and the inverse S-box. The proposed schemes are independent of the way the S-box and the inverse S-box are constructed. Therefore, they can be used for both the S-boxes and the inverse S-boxes using lookup tables and those utilizing logic gates based on composite fields. Our simulation results show the error coverage of greater than 99 percent for the proposed schemes. Moreover, the proposed and the previously reported fault detection schemes have been implemented on the most recent Xilinx Virtex FPGAs. Their area and delay overheads have been compared and it is shown that the proposed schemes outperform the previously reported ones.
INDEX TERMS
Advanced encryption standard, concurrent error detection (CED), reliability, signature-based fault detection.
CITATION
Mehran Mozaffari-Kermani, Arash Reyhani-Masoleh, "Concurrent Structure-Independent Fault Detection Schemes for the Advanced Encryption Standard", IEEE Transactions on Computers, vol.59, no. 5, pp. 608-622, May 2010, doi:10.1109/TC.2010.33
REFERENCES
 [1] National Institute of Standards and Tech nologies, "Announcing the Advanced Encryption Standard (AES)," Federal Information Processing Standards Publication, no. 197, Nov. 2001. [2] M. Akkar and C. Giraud, "An Implementation of DES and AES, Secure against Some Attacks," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '01), pp. 315-325, May 2001. [3] S. Trimberger, "Security in SRAM FPGAs," IEEE Design and Test of Computers, vol. 24, no. 6, p. 581, Nov. 2007. [4] Xilinx, http:/www.xilinx.com/, 2010. [5] P. Dusart, G. Letourneux, and O. Vivolo, "Differential Fault Analysis on AES," Proc. Int'l Conf. Applied Cryptography and Network Security (ACNS '03), pp. 293-306, Oct. 2003. [6] G. Piret and J.J. Quisquater, "A Differential Fault Attack Technique against SPN Structures, with Application to the AES and Khazad," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '03), pp. 77-88, Sept. 2003. [7] J. Blomer and V. Krummel, "Fault Based Collision Attacks on AES," Proc. Int'l Workshop Fault Diagnosis and Tolerance in Cryptography (FDTC '06), pp. 106-120, Oct. 2006. [8] G. Bertoni, L. Breveglieri, I. Koren, P. Maistri, and V. Piuri, "A Parity Code Based Fault Detection for an Implementation of the Advanced Encryption Standard," Proc. IEEE Int'l Symp. Defect and Fault Tolerance in VLSI Systems (DFT '02), pp. 51-59, Nov. 2002. [9] R. Karri, G. Kuznetsov, and M. Goessel, "Parity-Based Concurrent Error Detection of Substitution-Permutation Network Block Ciphers," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '03), pp. 113-124, Sept. 2003. [10] G. Bertoni, L. Breveglieri, I. Koren, P. Maistri, and V. Piuri, "Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard," IEEE Trans. Computers, vol. 52, no. 4, pp. 492-505, Apr. 2003. [11] G. Bertoni, L. Breveglieri, I. Koren, and P. Maistri, "An Efficient Hardware-Based Fault Diagnosis Scheme for AES: Performances and Cost," Proc. IEEE Int'l Symp. Defect and Fault Tolerance in VLSI Systems (DFT '04), pp. 130-138, Oct. 2004. [12] L. Breveglieri, I. Koren, and P. Maistri, "Incorporating Error Detection and Online Reconfiguration into a Regular Architecture for the AES," Proc. IEEE Int'l Symp. Defect and Fault Tolerance in VLSI Systems (DFT '05), pp. 72-80, Oct. 2005. [13] K. Wu, R. Karri, G. Kuznetsov, and M. Goessel, "Low Cost Concurrent Error Detection for the Advanced Encryption Standard," Proc. Int'l Test Conf. '04, pp. 1242-1248, Oct. 2004. [14] R. Karri, K. Wu, P. Mishra, and K. Yongkook, "Fault-Based Side Channel Cryptanalysis Tolerant Rijndael Symmetric Block Cipher Architecture," Proc. IEEE Int'l Symp. Defect and Fault Tolerance in VLSI Systems (DFT '01), pp. 418-426, Oct. 2001. [15] C.H. Yen and B.F. Wu, "Simple Error Detection Methods for Hardware Implementation of Advanced Encryption Standard," IEEE Trans. Computers, vol. 55, no. 6, pp. 720-731, June 2006. [16] T.G. Malkin, F.X. Standaert, and M. Yung, "A Comparative Cost/Security Analysis of Fault Attack Countermeasures," Proc. Int'l Workshop Fault Diagnosis and Tolerance in Cryptography (FDTC '06), pp. 159-172, Oct. 2006. [17] A. Satoh, T. Sugawara, N. Homma, and T. Aoki, "High-Performance Concurrent Error Detection Scheme for AES Hardware," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '08), pp. 100-112, Aug. 2008. [18] M. Mozaffari-Kermani and A. Reyhani-Masoleh, "A Lightweight Concurrent Fault Detection Scheme for the AES S-Boxes Using Normal Basis," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '08), pp. 113-129, Aug. 2008. [19] M. Karpovsky, K.J. Kulikowski, and A. Taubin, "Differential Fault Analysis Attack Resistant Architectures for the Advanced Encryption Standard," Proc. Conf. Smart Card Research and Advanced Applications (CARDIS '04), vol. 153, pp. 177-192, Aug. 2004. [20] P. Maistri and R. Leveugle, "Double-Data-Rate Computation as a Countermeasure against Fault Analysis," IEEE Trans. Computers, vol. 57, no. 11, pp. 1528-1539, Nov. 2008. [21] C. Moratelli, F. Ghellar, E. Cota, and M. Lubaszewski, "A Fault-Tolerant DFA-Resistant AES Core," Proc. IEEE Int'l Symp. Circuits and Systems (ISCAS '08), pp. 244-247, May 2008. [22] A. Reyhani-Masoleh and M. Hasan, "Low Complexity Bit Parallel Architectures for Polynomial Basis Multiplication over $GF({2^{m}})$ ," IEEE Trans. Computers, vol. 53, no. 8, pp. 945-959, Aug. 2004. [23] X. Zhang and K.K. Parhi, "High-Speed VLSI Architectures for the AES Algorithm," IEEE Trans. Very Large Scale Integration Systems, vol. 12, no. 9, pp. 957-967, Sept. 2004. [24] R. Zimmermann and W. Fichtner, "Low-Power Logic Styles: CMOS versus Pass-Transistor Logic," IEEE J. Solid-State Circuits, vol. 32, no. 7, pp. 1079-1090, 1997. [25] L. Breveglieri, I. Koren, and P. Maistri, "An Operation-Centered Approach to Fault Detection in Symmetric Cryptography Ciphers," IEEE Trans. Computers, vol. 56, no. 5, pp. 534-540, May 2007. [26] M. George and P. Alfke, "Linear Feedback Shift Registers in Virtex Devices," Xilinx Application Note 210, http://www.xilinx.com/support/documentation/ application_notesxapp210.pdf, 2010. [27] A. Satoh, S. Morioka, K. Takano, and S. Munetoh, "A Compact Rijndael Hardware Architecture with S-Box Optimization," Proc. Int'l Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT '01), pp. 239-254, Dec. 2001. [28] S. Morioka and A. Satoh, "An Optimized S-Box Circuit Architecture for Low Power AES Design," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '02), pp. 172-186, Aug. 2002. [29] F.X. Standaert, G. Rouvroy, J.J. Quisquater, and J.D. Legat, "Efficient Implementation of Rijndael Encryption in Reconfigurable Hardware: Improvements and Design Tradeoffs," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '03), pp. 334-350, Sept. 2003. [30] D. Canright, "A Very Compact S-Box for AES," Proc. Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '05), pp. 441-455, Sept. 2005. [31] C. Moratelli, E. Cota, and M. Lubaszewski, "A Cryptography Core Tolerant to DFA Fault Attacks," Proc. Ann. Symp. Integrated Circuits and Systems Design (SBCCI '06), pp. 190-195, Sept. 2006. [32] M. Mozaffari-Kermani and A. Reyhani-Masoleh, "A Structure-Independent Approach for Fault Detection Hardware Implementations of the Advanced Encryption Standard," Proc. Int'l Workshop Fault Diagnosis and Tolerance in Cryptography (FDTC '07), pp. 47-53, Sept. 2007.