Cost reduction and evaluation of temporary faults detecting technique
DATE '00 Proceedings of the conference on Design, automation and test in Europe
Differential Fault Analysis of Secret Key Cryptosystems
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Compact Rijndael Hardware Architecture with S-Box Optimization
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Low Cost Attacks on Tamper Resistant Devices
Proceedings of the 5th International Workshop on Security Protocols
IEEE Transactions on Computers
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
An Efficient Hardware-Based Fault Diagnosis Scheme for AES: Performances and Cost
DFT '04 Proceedings of the Defect and Fault Tolerance in VLSI Systems, 19th IEEE International Symposium
DFT '05 Proceedings of the 20th IEEE International Symposium on Defect and Fault Tolerance in VLSI Systems
Low Cost Concurrent Error Detection for the Advanced Encryption Standard
ITC '04 Proceedings of the International Test Conference on International Test Conference
Simple Error Detection Methods for Hardware Implementation of Advanced Encryption Standard
IEEE Transactions on Computers
Parity-Based Fault Detection Architecture of S-box for Advanced Encryption Standard
DFT '06 Proceedings of the 21st IEEE International Symposium on on Defect and Fault-Tolerance in VLSI Systems
FDTC '07 Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography
A Novel Double-Data-Rate AES Architecture Resistant against Fault Injection
FDTC '07 Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography
DFA Mechanism on the AES Key Schedule
FDTC '07 Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography
Fault based collision attacks on AES
FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
A comparative cost/security analysis of fault attack countermeasures
FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Garbled circuits for leakage-resilience: hardware implementation and evaluation of one-time programs
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
A compact AES core with on-line error-detection for FPGA applications with modest hardware resources
Microprocessors & Microsystems
A Fault Detection Scheme for the FPGA Implementation of SHA-1 and SHA-512 Round Computations
Journal of Electronic Testing: Theory and Applications
Meet-in-the-middle and impossible differential fault analysis on AES
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
On the power of fault sensitivity analysis and collision side-channel attacks in a combined setting
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Fault analysis study of the block cipher FOX64
Multimedia Tools and Applications
| Hi-index | 0.00 |
This paper proposes an efficient concurrent error detection scheme for hardware implementation of the block cipher AES. The proposed scheme does not require an additional arithmetic unit, but simply divides the round function block into two sub-blocks and uses the sub-blocks alternately for encryption (or decryption) and error detection. The number of clock cycles is doubled, but the maximum operating frequency is increased owing to the shortened critical path of the sub-block. Therefore, the proposed scheme has a limited impact on hardware performance with respect to size and speed. AES hardware with the proposed scheme was designed and synthesized using a 90-nm CMOS standard cell library with size and speed optimization options. The compact and high-speed implementations achieved performances of 2.21 Gbps @ 16.1 Kgates and 3.21 Gbps @ 24.1 Kgates, respectively. In contrast, the performances of AES hardware without error detection were 1.66 Gbps @ 12.9 Kgates for the compact version and 4.22 Gbps @ 30.7 Kgates for the high-speed version. There is only a slight difference between the performances with and without error detection. The performance overhead caused by the error detection is evaluated at the optimal balance between size and speed and was estimated to be 14.5% at maximum. Conversely, the AES hardware with the proposed scheme had better performance in some cases. If pipeline operation is allowed, as in the CTR mode, throughputs can easily be boosted by further dividing the sub-blocks. Although the proposed error detection scheme was applied to AES in the present study, it can also be applied to other algorithms efficiently.