Recomputing with Permuted Operands: A Concurrent Error Detection Approach
- 16 September 2013
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
- Vol. 32 (10), 1595-1608
- https://doi.org/10.1109/tcad.2013.2263037
Abstract
Naturally occurring and maliciously injected faults reduce the reliability of cryptographic hardware and may leak confidential information. We develop a concurrent error detection technique (CED) called recomputing with permuted operands (REPO). We show that it is cost effective in advanced encryption standard (AES) and a secure hash function Grøstl. We provide experimental results and formal proofs to show that REPO detects all single-bit and single-byte faults. Experimental results show that REPO achieves close to 100% fault coverage for multiple byte faults. The hardware and throughput overheads are compared with those of previously reported CED techniques on two Xilinx Virtex FPGAs. The hardware overhead is 12.4%-27.3%, and the throughput is 1.2-23 Gbps, depending on the AES architecture, FPGA family, and detection latency. The performance overhead ranges from 10% to 100% depending on the security level. Moreover, the proposed technique can be integrated into various block cipher modes of operation. We also discuss the limitation of REPO and its potential vulnerabilities.
This publication has 20 references indexed in Scilit:
- Glitch and Laser Fault Attacks onto a Secure AES Implementation on a SRAM-Based FPGA. Journal of Cryptology, 2010
- Double-Data-Rate Computation as a Countermeasure against Fault Analysis. International Conference on Acoustics, Speech, and Signal Processing (ICASSP), 2008
- Circuit Failure Prediction and Its Application to Transistor Aging. 26th IEEE VLSI Test Symposium (vts 2008), 2007
- Robust codes and robust, fault-tolerant architectures of the Advanced Encryption Standard. Journal of Systems Architecture, 2007
- Designing Reliable Systems from Unreliable Components: The Challenges of Transistor Variability and Degradation. IEEE Micro, 2005
- The Soft Error Problem: An Architectural Perspective. Published by Institute of Electrical and Electronics Engineers (IEEE), 2005
- Low cost concurrent error detection for the advanced encryption standard. Published by Institute of Electrical and Electronics Engineers (IEEE), 2005
- Complementation-Like and Cyclic Properties of AES Round Functions. Lecture Notes in Computer Science, 2005
- Error analysis and detection procedures for a hardware implementation of the advanced encryption standard. International Conference on Acoustics, Speech, and Signal Processing (ICASSP), 2003
- Concurrent error detection schemes for fault-based side-channel cryptanalysis of symmetric block ciphers. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2002