Recomputing with permuted operands

A concurrent error detection approach

Xiaofei Guo, Ramesh Karri

Research output: Contribution to journalArticle

Abstract

Naturally occurring and maliciously injected faults reduce the reliability of cryptographic hardware and may leak confidential information. We develop a concurrent error detection technique (CED) called recomputing with permuted operands (REPO). We show that it is cost effective in advanced encryption standard (AES) and a secure hash function Grostl. We provide experimental results and formal proofs to show that REPO detects all single-bit and single-byte faults. Experimental results show that REPO achieves close to 100% fault coverage for multiple byte faults. The hardware and throughput overheads are compared with those of previously reported CED techniques on two Xilinx Virtex FPGAs. The hardware overhead is 12.4%-27.3%, and the throughput is 1.2-23 Gbps, depending on the AES architecture, FPGA family, and detection latency. The performance overhead ranges from 10% to 100% depending on the security level. Moreover, the proposed technique can be integrated into various block cipher modes of operation. We also discuss the limitation of REPO and its potential vulnerabilities.

Original languageEnglish (US)
Article number6600917
Pages (from-to)1595-1608
Number of pages14
JournalIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Volume32
Issue number10
DOIs
StatePublished - 2013

Fingerprint

Error detection
Hardware
Cryptography
Field programmable gate arrays (FPGA)
Throughput
Hash functions
Costs

Keywords

  • Concurrent error detection
  • differential fault analysis
  • recomputing with permuted operands

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Graphics and Computer-Aided Design
  • Software

Cite this

Recomputing with permuted operands : A concurrent error detection approach. / Guo, Xiaofei; Karri, Ramesh.

In: IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, Vol. 32, No. 10, 6600917, 2013, p. 1595-1608.

Research output: Contribution to journalArticle

@article{c88b1647667e4d2ea8d4af6d25eef93b,
title = "Recomputing with permuted operands: A concurrent error detection approach",
abstract = "Naturally occurring and maliciously injected faults reduce the reliability of cryptographic hardware and may leak confidential information. We develop a concurrent error detection technique (CED) called recomputing with permuted operands (REPO). We show that it is cost effective in advanced encryption standard (AES) and a secure hash function Grostl. We provide experimental results and formal proofs to show that REPO detects all single-bit and single-byte faults. Experimental results show that REPO achieves close to 100{\%} fault coverage for multiple byte faults. The hardware and throughput overheads are compared with those of previously reported CED techniques on two Xilinx Virtex FPGAs. The hardware overhead is 12.4{\%}-27.3{\%}, and the throughput is 1.2-23 Gbps, depending on the AES architecture, FPGA family, and detection latency. The performance overhead ranges from 10{\%} to 100{\%} depending on the security level. Moreover, the proposed technique can be integrated into various block cipher modes of operation. We also discuss the limitation of REPO and its potential vulnerabilities.",
keywords = "Concurrent error detection, differential fault analysis, recomputing with permuted operands",
author = "Xiaofei Guo and Ramesh Karri",
year = "2013",
doi = "10.1109/TCAD.2013.2263037",
language = "English (US)",
volume = "32",
pages = "1595--1608",
journal = "IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems",
issn = "0278-0070",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "10",

}

TY - JOUR

T1 - Recomputing with permuted operands

T2 - A concurrent error detection approach

AU - Guo, Xiaofei

AU - Karri, Ramesh

PY - 2013

Y1 - 2013

N2 - Naturally occurring and maliciously injected faults reduce the reliability of cryptographic hardware and may leak confidential information. We develop a concurrent error detection technique (CED) called recomputing with permuted operands (REPO). We show that it is cost effective in advanced encryption standard (AES) and a secure hash function Grostl. We provide experimental results and formal proofs to show that REPO detects all single-bit and single-byte faults. Experimental results show that REPO achieves close to 100% fault coverage for multiple byte faults. The hardware and throughput overheads are compared with those of previously reported CED techniques on two Xilinx Virtex FPGAs. The hardware overhead is 12.4%-27.3%, and the throughput is 1.2-23 Gbps, depending on the AES architecture, FPGA family, and detection latency. The performance overhead ranges from 10% to 100% depending on the security level. Moreover, the proposed technique can be integrated into various block cipher modes of operation. We also discuss the limitation of REPO and its potential vulnerabilities.

AB - Naturally occurring and maliciously injected faults reduce the reliability of cryptographic hardware and may leak confidential information. We develop a concurrent error detection technique (CED) called recomputing with permuted operands (REPO). We show that it is cost effective in advanced encryption standard (AES) and a secure hash function Grostl. We provide experimental results and formal proofs to show that REPO detects all single-bit and single-byte faults. Experimental results show that REPO achieves close to 100% fault coverage for multiple byte faults. The hardware and throughput overheads are compared with those of previously reported CED techniques on two Xilinx Virtex FPGAs. The hardware overhead is 12.4%-27.3%, and the throughput is 1.2-23 Gbps, depending on the AES architecture, FPGA family, and detection latency. The performance overhead ranges from 10% to 100% depending on the security level. Moreover, the proposed technique can be integrated into various block cipher modes of operation. We also discuss the limitation of REPO and its potential vulnerabilities.

KW - Concurrent error detection

KW - differential fault analysis

KW - recomputing with permuted operands

UR - http://www.scopus.com/inward/record.url?scp=84884561233&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84884561233&partnerID=8YFLogxK

U2 - 10.1109/TCAD.2013.2263037

DO - 10.1109/TCAD.2013.2263037

M3 - Article

VL - 32

SP - 1595

EP - 1608

JO - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

JF - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

SN - 0278-0070

IS - 10

M1 - 6600917

ER -