Tamper proofing by design using generalized involution-based concurrent error detection for involutional substitution permutation and feistel networks

Nikhil Joshi, Jayachandran Sundararajan, Kaijie Wu, Bo Yang, Ramesh Karri

Research output: Contribution to journal › Article

Abstract

Secure operation of cryptographic algorithms is critical to the success of secure transactions. Fault-based attacks that recover secret keys by deliberately introducing one or more faults into a cipher implementation and analyzing the faulty outputs have been proven to be extremely powerful. Substitution Permutation Networks (SPN) and Feistel Networks (FN) are the two important classes of symmetric block ciphers. Some SPN ciphers and all FN ciphers satisfy the involution property: a function F is an involution if F(F(x)) = x. In this paper, we investigate tamper-proofing techniques that use low-cost, involution-based time-redundancy concurrent error detection (CED) schemes for involutional SPN and FN symmetric block ciphers. We incorporated this tamper-proofing-by-design technique in a hardware implementation of the 128-bit ANUBIS SPN cipher (an involution variant of the Advanced Encryption Standard (AES)) and the 128-bit TwoFish FN cipher (an AES finalist). We performed fault simulation at both the algorithm and the gate level to show that the low-cost involution-based CED schemes, in addition to detecting all transient faults, detect all single-bit permanent faults and more than 99 percent of all multiple-bit permanent faults. Consequently, this low-cost CED technique can protect the crypto device against Differential Fault Analysis (DFA) attacks.

Original language: English (US)
Pages (from-to): 1230-1239
Number of pages: 10
Journal: IEEE Transactions on Computers
Volume: 55
Issue number: 10
DOIs: 10.1109/TC.2006.167
State: Published - Oct 2006

Keywords

  • ANUBIS
  • Concurrent Error Detection (CED)
  • Cryptography
  • Feistel networks
  • Substitution Permutation Networks (SPN)
  • Tamper proofing
  • TwoFish

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Hardware and Architecture

Cite this

Tamper proofing by design using generalized involution-based concurrent error detection for involutional substitution permutation and feistel networks. / Joshi, Nikhil; Sundararajan, Jayachandran; Wu, Kaijie; Yang, Bo; Karri, Ramesh.

In: IEEE Transactions on Computers, Vol. 55, No. 10, 10.2006, p. 1230-1239.

Research output: Contribution to journal › Article

@article{6bc7a0cb49d7437b92ec58cbf679cddb,
title = "Tamper proofing by design using generalized involution-based concurrent error detection for involutional substitution permutation and feistel networks",
abstract = "Secure operation of cryptographic algorithms is critical to the success of secure transactions. Fault-based attacks that recover secret keys by deliberately introducing fault(s) in cipher implementations and analyzing the faulty outputs have been proven to be extremely powerful. Substitution Permutation Networks (SPN) and Feistel Networks (FN) are the two important classes of Symmetric Block Ciphers. Some SPN ciphers and all FN Ciphers satisfy the involution property. A function F is an involution if F(F(x)) = x. In this paper, we investigate tamper proofing techniques that use low cost involution-based time redundancy concurrent error detection (CED) schemes for involutional SPN and FN symmetric block ciphers. We incorporated this tamper proofing by design technique in a hardware implementation of the 128-bit ANUBIS SPN cipher (an involution variant of the Advanced Encryption Standard (AES)) and the 128-bit TwoFish FN cipher (an AES finalist). We performed fault simulation at both the algorithm and the gate level to show that the low-cost involution-based CED schemes, in addition to detecting all transient faults, can detect all single-bit permanent faults and > 99 percent of all multiple-bit permanent faults. Consequently, this low cost CED technique can protect the crypto device against Differential Fault Analysis (DFA) attacks.",
keywords = "ANUBIS, Concurrent Error Detection (CED), Cryptography, Feistel networks, Substitution Permutation Networks (SPN), Tamper proofing, TwoFish",
author = "Nikhil Joshi and Jayachandran Sundararajan and Kaijie Wu and Bo Yang and Ramesh Karri",
year = "2006",
month = "10",
doi = "10.1109/TC.2006.167",
language = "English (US)",
volume = "55",
pages = "1230--1239",
journal = "IEEE Transactions on Computers",
issn = "0018-9340",
publisher = "IEEE Computer Society",
number = "10",

}

TY - JOUR

T1 - Tamper proofing by design using generalized involution-based concurrent error detection for involutional substitution permutation and feistel networks

AU - Joshi, Nikhil

AU - Sundararajan, Jayachandran

AU - Wu, Kaijie

AU - Yang, Bo

AU - Karri, Ramesh

PY - 2006/10

Y1 - 2006/10

AB - Secure operation of cryptographic algorithms is critical to the success of secure transactions. Fault-based attacks that recover secret keys by deliberately introducing fault(s) in cipher implementations and analyzing the faulty outputs have been proven to be extremely powerful. Substitution Permutation Networks (SPN) and Feistel Networks (FN) are the two important classes of Symmetric Block Ciphers. Some SPN ciphers and all FN Ciphers satisfy the involution property. A function F is an involution if F(F(x)) = x. In this paper, we investigate tamper proofing techniques that use low cost involution-based time redundancy concurrent error detection (CED) schemes for involutional SPN and FN symmetric block ciphers. We incorporated this tamper proofing by design technique in a hardware implementation of the 128-bit ANUBIS SPN cipher (an involution variant of the Advanced Encryption Standard (AES)) and the 128-bit TwoFish FN cipher (an AES finalist). We performed fault simulation at both the algorithm and the gate level to show that the low-cost involution-based CED schemes, in addition to detecting all transient faults, can detect all single-bit permanent faults and > 99 percent of all multiple-bit permanent faults. Consequently, this low cost CED technique can protect the crypto device against Differential Fault Analysis (DFA) attacks.

KW - ANUBIS

KW - Concurrent Error Detection (CED)

KW - Cryptography

KW - Feistel networks

KW - Substitution Permutation Networks (SPN)

KW - Tamper proofing

KW - TwoFish

UR - http://www.scopus.com/inward/record.url?scp=33748514798&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33748514798&partnerID=8YFLogxK

U2 - 10.1109/TC.2006.167

DO - 10.1109/TC.2006.167

M3 - Article

AN - SCOPUS:33748514798

VL - 55

SP - 1230

EP - 1239

JO - IEEE Transactions on Computers

JF - IEEE Transactions on Computers

SN - 0018-9340

IS - 10

ER -