Hybrid Pipeline Hardware Architecture Based on Error Detection and Correction for AES

Sensors, 2021, Vol 21 (16), pp. 5655
Author(s): Ignacio Algredo-Badillo, Kelsey A. Ramírez-Gutiérrez, Luis Alberto Morales-Rosales, Daniel Pacheco Bautista, Claudia Feregrino-Uribe

Currently, cryptographic algorithms are widely applied in communication systems to guarantee data security. For instance, in the emerging automotive environment, where connectivity is a core part of autonomous and connected cars, it is essential to guarantee secure communication both inside and outside the vehicle. The AES algorithm has been widely applied to protect communication in onboard networks and outside the vehicle. Hardware implementations use techniques such as iterative, parallel, unrolled, and pipelined architectures. Nevertheless, the use of AES alone does not guarantee secure communication, because previous work has shown that hardware implementations of secret-key cryptosystems such as AES are sensitive to differential fault analysis. Moreover, it has been demonstrated that even a single fault during encryption or decryption can cause a large number of errors in the encrypted or decrypted data. Although iterative and parallel architectures have been explored for fault detection to protect AES encryption and decryption, other techniques such as pipelining still need to be explored. Furthermore, balancing high throughput, low power consumption, and low hardware resource usage in a pipelined design is a great challenge, and it becomes harder when fault detection and correction are also required. In this research, we propose a novel hybrid pipeline hardware architecture focused on error and fault detection for the AES cryptographic algorithm. The architecture is hybrid because it combines hardware and time redundancy through a pipeline structure, analyzing and balancing the critical path and distributing the processing elements within each stage. The main contribution is a pipeline structure that ciphers the same data blocks five times, a voting module that verifies whether an error has occurred or the output carries correct cipher data, an optimized process, and a decision tree that reduces the number of combinations that must be evaluated. The architecture is analyzed and implemented on several FPGA technologies, and it reports a throughput of 0.479 Gbps and an efficiency of 0.336 Mbps/LUT on a Virtex-7.

Sensors, 2020, Vol 20 (23), pp. 6909
Author(s): Francisco Eugenio Potestad-Ordóñez, Manuel Valencia-Barrero, Carmen Baena-Oliva, Pilar Parra-Fernández, Carlos Jesús Jiménez-Fernández

One of the best methods to improve the security of cryptographic systems used to exchange sensitive information is to attack them, find their vulnerabilities, and strengthen them in subsequent designs. The Trivium stream cipher is one of the lightweight ciphers designed for security applications in the Internet of Things (IoT). In this paper, we present a complete setup to attack ASIC implementations of Trivium that allows recovering the secret keys using the active, non-invasive attack technique of clock manipulation, combined with Differential Fault Analysis (DFA) cryptanalysis. The attack system is able to inject effective transient faults into the Trivium in a clock cycle and sample the faulty output. Then, the internal state of the Trivium is recovered using DFA cryptanalysis through the comparison of the correct and the faulty outputs. Finally, a backward version of Trivium was also designed to go back from the initial internal states and obtain the secret keys. The key recovery has been verified with numerous simulated attacks and with the experimental data obtained from the Application Specific Integrated Circuit (ASIC) Trivium. The secret key of Trivium was recovered experimentally in 100% of the attempts, considering a real scenario and minimal assumptions.


2019, Vol 29 (03), pp. 2050044
Author(s): Noura Benhadjyoussef, Mouna Karmani, Mohsen Machhout, Belgacem Hamdi

A fault-resistant scheme is proposed to secure the Advanced Encryption Standard (AES) against Differential Fault Analysis (DFA) attacks. In this paper, a hybrid countermeasure is presented to protect a 32-bit AES architecture proposed for resource-constrained embedded systems. A comparative study of the most well-known fault detection schemes, in terms of fault detection capability and implementation cost, is given. Based on this study, we propose a hybrid fault-resistant scheme that secures AES using parity detection for the linear operations and time redundancy for the SubBytes operation. The proposed scheme is implemented on a Virtex-5 Xilinx FPGA board in order to evaluate its efficiency in terms of area, time cost and fault coverage (FC). Experimental results show that the countermeasure achieves a FC of about 98.82%, that is, the fraction of injected faults detected during the 32-bit AES process. The area overhead of the proposed countermeasure is about 14% and the additional time delay is about 13%.


2018, Vol 18 (7&8), pp. 553-578
Author(s): Metin Toyran, Mustafa Toyran, Sitki Ozturk

The CASCADE protocol is an error detection and correction (EDC) method first proposed for use in quantum key distribution (QKD) systems. It is used to detect and correct all the errors in keys transmitted over a noisy quantum channel. As usual, this is done by sending some redundant information about the key to the receiver. What differs is that this extra information is sent over a separate, noiseless classical channel after the quantum transmission has completely finished. Briefly, all the errors in the noisy quantum communication are detected and corrected by a later noiseless classical communication using the CASCADE protocol. In the QKD literature, this EDC process is also called information reconciliation (IR) or secret key reconciliation (SKR). For an IR protocol in QKD, one of the main performance measures is efficiency, which depends on the amount of redundant information sent to make EDC possible. Since this extra information is transmitted over public channels, anyone can obtain it easily. Because this can damage the secrecy of keys that must be kept secret from third parties, more efficient IR methods, that is, methods revealing less information about the keys, are needed. In this paper, we present more efficient implementations of the CASCADE protocol that use some inherent information already available in the protocol: exactly known bits and already known parities. This information is used in the error detection and correction steps of the protocol to decrease the redundancy in the redundant information. Our experiments have shown that the resulting protocols have higher efficiency than all previous CASCADE versions and several other more recently proposed IR methods.


2010, Vol 20-23, pp. 958-962
Author(s): Wei Gong Zhang, Bo Yang, Rui Ding, Yong Qin Hu

This paper presents a new type of high-speed error correction designed for the requirements of a new high-speed bus, using RS(255, 239). It not only optimizes the traditional algorithm but also designs a bidirectional, synchronously computed syndrome module, a fast Berlekamp-Massey (B-M) algorithm module, and a fully parallel Chien search module. Used in the new high-speed bus, this design significantly shortens the critical path of decoding compared with the usual decoder design and achieves continuous decoding. In addition, the error correction system separates the error detection module from the error correction module, and intelligent control is added after the error detection module, which reduces the complexity and power consumption of the equipment. The error correction system is designed for the requirements of the new bus, whose speed is above 400m/s.


Author(s): Sayandeep Saha, Debdeep Mukhopadhyay, Pallab Dasgupta

Malicious exploitation of faults for extracting secrets is one of the most practical and potent threats to modern cryptographic primitives. Interestingly, not every possible fault in a cryptosystem is maliciously exploitable, and evaluating the exploitability of a fault is nontrivial. In order to devise precise defense mechanisms against such rogue faults, comprehensive knowledge is required of the exploitable part of the fault space of a cryptosystem. Unfortunately, the fault space is diverse and of formidable size even when a single cryptographic primitive is considered, and traditional manual fault analysis techniques may often fall short of practically covering such a fault space within a reasonable time. Automation for analyzing individual fault instances for their exploitability is thus inevitable. Such automation is meant to work as the core engine for analyzing the fault spaces of cryptographic primitives. In this paper, we propose an automated method for evaluating the exploitability status of fault instances in block ciphers, mainly in the context of Differential Fault Analysis (DFA) attacks. The proposed framework is generic and scalable, which are perhaps the two most important features for covering diverse fault spaces of formidable size originating from different ciphers. As a proof of concept, we reconstruct some known attack examples on AES and PRESENT using the framework and finally analyze the recently proposed cipher GIFT [BPP+17] for the first time. It is found that the secret key of GIFT can be uniquely determined with a single nibble fault instance injected at the beginning of the 25th round with a reasonable computational complexity of 2^14.


2018, Vol 2018, pp. 1-9
Author(s): Ruyan Wang, Xiaohan Meng, Yang Li, Jian Wang

Differential Fault Analysis (DFA) is one of the most practical methods for recovering secret keys from real cryptographic devices. In particular, DFA on the Advanced Encryption Standard (AES) has been researched extensively for many years under both single-byte and multibyte fault models. For AES, the first proposed DFA attack requires 6 pairs of ciphertexts to identify the secret key under the multibyte fault model. Until now, the most efficient DFA under the multibyte fault model, proposed in 2017, can complete most of the attacks within 3 pairs of ciphertexts. However, we note that the attack is not fully optimized, since no clear optimization goal was set. In this work, we introduce two optimization goals: the fewest ciphertext pairs and the least computational complexity. For these goals, we work out the corresponding optimized key recovery strategies, which further increase the efficiency of DFA attacks on AES. A more accurate security assessment of AES can be completed based on our study of DFA attacks on AES. Considering variations in the fault distribution, the improvement to the attack has been analyzed and verified.


2017, Vol 7 (1.1), pp. 612
Author(s): V Narasimha Nayak, M Ravi Kumar, K Anusha, Ch Kranthi Kiran

In network security systems, cryptography plays a vital role in the secure transmission of information. Cryptography is a process of integrating and transferring data to the genuine users while protecting it against attacks. There are two types of cryptographic algorithms: symmetric and asymmetric. In symmetric cryptography, a single key is used for both encryption and decryption. Symmetric algorithms are fast and simple. An asymmetric cryptographic algorithm uses different keys: a public key to encrypt the message at the sender, and a private key, known only to the receiver, to decrypt the encrypted message. Asymmetric algorithms are more secure, since the message is difficult to decrypt unless an attacker acquires knowledge of the private key. A new asymmetric algorithm with an error detection and correction mechanism is proposed that reduces hardware and improves decryption time and security. The proposed asymmetric algorithm uses a few properties of the RSA, Diffie-Hellman and ElGamal algorithms. The performance of existing asymmetric algorithms is compared with the proposed algorithm, which is designed in Verilog HDL. The algorithms are synthesized, simulated and implemented using Vivado and targeted to the Artix-7 XC7A100T-1CSG324C architecture. The ChipScope Pro logic analyzer Virtual Input Output core is bound to the design for hardware debugging, to monitor and capture the output signals at a selected state by applying random input stimuli at runtime on the Nexys4 DDR FPGA board.

