Fault Detection Scheme for AES Using Composite Field
![Page 1: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/1.jpg)
Fault Detection Scheme for AES Using Composite Field
BY
AJAL.A.J EPGPM – IIM K
![Page 2: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/2.jpg)
PRESENTATION OVERVIEW
• SYSTEM ARCHITECTURE
• SIMULATION RESULTS
• RIJNDAEL ALGORITHM
• FUTURE DEVELOPMENT
![Page 3: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/3.jpg)
INTRODUCTION
• The cipher Rijndael is one of the five finalists of the Advanced Encryption Standard (AES).
• The algorithm has been designed by Joan Daemen and Vincent Rijmen.
• It is a block cipher.
• The hardware implementation with 128-bit blocks and 128-bit keys is presented.
• VLSI optimizations of the Rijndael algorithm are discussed and several hardware design modifications and techniques are used, such as memory sharing and parallelism.
![Page 5: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/5.jpg)
Critical N/W Security Elements
• Critical communications private (confidentiality)
• Know who we are dealing with (identity)
• Guarantee messages unaltered (integrity)
• Assert rights over content use (authorization)
• All critical systems up-and-running (availability)
![Page 6: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/6.jpg)
The Rijndael Chip
1. Rijndael
2. Serpent
3. Twofish
4. RC6
5. MARS
AES 128-bit implementation
Selected by AES (Advanced Encryption Standard, part of NIST) as the new private-key encryption standard.
![Page 7: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/7.jpg)
Rijndael Algorithm – Round
Encryption:
• Initial step: Add Round Key
• Rounds 1 to 9: Sub Bytes, Shift Rows, Mix Columns, Add Round Key
• Round 10: Sub Bytes, Shift Rows, Add Round Key
Decryption:
• Initial step: Add Round Key
• Rounds 1 to 9: Inv Sub Bytes, Inv Shift Rows, Inv Mix Columns, Add Round Key
• Round 10: Inv Sub Bytes, Inv Shift Rows, Add Round Key
Partition of the rounds not suited for intraround pipelining
![Page 8: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/8.jpg)
Rijndael Architecture - Overview
[Block diagram: Data Reg, Key Reg, Controller, Key Generator, Round Key Register, Add Key, Parallel Round 1, Parallel Round 2; bus labels 128 and 32]
Largest potential for optimizations in rounds
![Page 9: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/9.jpg)
It all starts with a key
• What is a key?
• Encryption algorithm is like a recipe for spaghetti. Key is like the choice of sauce that changes the end result.
Encrypt – Garble so it’s unreadable
Decrypt – Ungarble so it can be read again

Encrypting Text
Plain text: I am going to the market
Encrypt algorithm – add x letters; key - 2
Cipher text: K co iqkpi vq vjg octmgv (hard to read, UNLESS you know the key)

Decrypting Text
Cipher text: K co iqkpi vq vjg octmgv
Decryption algorithm – subtract x letters; key - 2
Plain text: I am going to the market
That’s encryption!
![Page 10: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/10.jpg)
BLOCK DIAGRAM - DECRYPTION CORES
![Page 11: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/11.jpg)
[Block diagram: Encryption Path (SubBytes) and Decryption Path (Inv SubBytes), built from Inv Aff Trans, Mult Inverse and Aff Trans blocks]
Rijndael S-box consists of two operations
Parallel implementation of S-Boxes
Multiplicative inverse can be shared
![Page 15: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/15.jpg)
Encryption Simulation Result
![Page 16: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/16.jpg)
Decryption Simulation Result
![Page 17: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/17.jpg)
Synthesis Report And Result Of AES Fault Detection Schemes
![Page 18: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/18.jpg)
Comparison of S-box

| Design | Area | Delay | Power |
|---|---|---|---|
| LUT-Based | 262144 | 31.824 ns | 35 mW |
| Composite Field Based | 28514 | 8.129 ns | 34 mW |
![Page 19: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/19.jpg)
Output Waveform for composite field s-box without error
![Page 20: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/20.jpg)
Output waveform of encryption algorithm for composite field S-box without error
![Page 21: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/21.jpg)
Output waveform of decryption algorithm for composite field S-box without error
![Page 22: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/22.jpg)
Output waveform of decryption algorithm for composite field S-box with error
![Page 23: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/23.jpg)
Map report
• Number of errors: 0
• Number of warnings: 0
![Page 24: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/24.jpg)
HDL SYNTHESIS REPORT
Macro Statistics
# ROMs : 56
 16x128-bit ROM : 56
# Multiplexers : 66
 8-bit 10-to-1 MUX : 10
 8-bit 16-to-1 MUX : 56
# XORs : 171
 128-bit xor2 : 11
 8-bit xor2 : 150
 8-bit xor3 : 10
![Page 25: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/25.jpg)
Performance Comparison

| Implementation | Encryption Speed |
|---|---|
| Software implementation (ANSI C) | 27 Mb/s |
| Visual C++ | 70.5 Mb/s |
| Hardware Implementation (Altera) | 268 Mb/s |
| Proposed VHDL (Virtex II) | 2.18 Gb/s |
![Page 36: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/36.jpg)
FUTURE DEVELOPMENT
• For future development, the real time required for key initialization and for a whole encryption should be estimated on the real chip.
• Research is still ongoing on the encryptor core for higher bit lengths.
• FPGA based solutions have shown significant speedups compared with software based approaches.
• The widespread adoption of distributed, wireless, and mobile computing makes the inclusion of privacy, authentication and security
• Power consumption will remain a critical factor, especially when cryptographic applications move into embedded contexts.
![Page 37: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/37.jpg)
CONCLUSION
• In this paper, a VLSI implementation for the Rijndael encryption algorithm is presented.
• The combination of security and high speed implementation makes it a very good choice for wireless systems.
• The whole design was captured entirely in VHDL language using a bottom-up design and verification methodology.
• The proposed VLSI implementation of the algorithm reduces the covered area and achieves a data throughput up to 2.18 Gbit/sec.
• An optimized coding for the implementation of Rijndael algorithm for 128 bits has been developed.
• Architectural innovations like on-the-fly round key generation, which facilitates simultaneous execution of sub bytes, shift rows and mix columns and round key generation, have been incorporated in our coding.
![Page 38: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/38.jpg)
FUTURE WORK
• We have presented a high performance, parity based, low complexity fault detection scheme for the AES using the S-box and the inverse S-box in composite fields.
• In our implementations, we used the parity method for the S-box and ensured that error detection at the S-box takes place two times, which improves the fault coverage to a great extent. According to our simulation results, with acceptable error coverage, the structure-independent schemes proposed in this paper have the highest efficiencies, showing reasonable area and time complexity overheads. Based on the AES structure chosen, the performance goals to achieve, and the resources available, one can use combinations of the presented schemes in order to have a much more reliable AES encryption and decryption structure.
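The S-box slide (multiplicative inverse plus affine transform, with the inverse shared by both directions) and the parity scheme summarised here can be modelled in software; this is an added example, not the presentation's VHDL. The constant LAMBDA, the runtime search for the basis change, the parity table standing in for predictor logic, and the output fault mask are assumptions of the sketch.

```python
# Added example, not from the slides; LAMBDA, names and fault model are assumed.
from functools import reduce

LAMBDA = 0x8  # Y^2 + Y + LAMBDA is irreducible over GF(2^4) mod x^4 + x + 1

def mul4(a, b):  # product of two nibbles in GF(2^4) modulo x^4 + x + 1
    r = 0
    for i in range(4):
        if (b >> i) & 1:
            r ^= a << i
    for i in (6, 5, 4):  # fold bits 6..4 back using x^4 = x + 1
        if (r >> i) & 1:
            r ^= 0x13 << (i - 4)
    return r

def cmul(a, b):
    """Multiply in GF((2^4)^2); a byte encodes (high nibble)*Y + (low nibble)."""
    ah, al, bh, bl = a >> 4, a & 15, b >> 4, b & 15
    hh = mul4(ah, bh)  # Y^2 = Y + LAMBDA, so hh feeds both halves
    return ((hh ^ mul4(ah, bl) ^ mul4(al, bh)) << 4) | (mul4(hh, LAMBDA) ^ mul4(al, bl))

def cpow(a, n):
    return reduce(cmul, [a] * n, 1)

# A root of the AES polynomial x^8+x^4+x^3+x+1 inside the composite field
# gives the basis change (isomorphism) between the two representations.
BETA = next(c for c in range(2, 256)
            if cpow(c, 8) ^ cpow(c, 4) ^ cpow(c, 3) ^ c ^ 1 == 0)
TO_CF = [reduce(lambda s, i: s ^ cpow(BETA, i) if (a >> i) & 1 else s, range(8), 0)
         for a in range(256)]
FROM_CF = [TO_CF.index(c) for c in range(256)]

def gf_inv(a):
    """Inverse block shared by SubBytes and InvSubBytes (0 maps to 0)."""
    h, l = TO_CF[a] >> 4, TO_CF[a] & 15
    d = mul4(mul4(h, h), LAMBDA) ^ mul4(h, l) ^ mul4(l, l)
    di = reduce(mul4, [d] * 14, 1)  # d^14 = d^-1 in GF(2^4)
    return FROM_CF[(mul4(h, di) << 4) | mul4(h ^ l, di)]

def rotl(b, n):
    return ((b << n) | (b >> (8 - n))) & 0xFF
def sbox(a):  # multiplicative inverse, then affine transform
    b = gf_inv(a)
    return b ^ rotl(b, 1) ^ rotl(b, 2) ^ rotl(b, 3) ^ rotl(b, 4) ^ 0x63
def inv_sbox(s):  # inverse affine transform, then the same inverse block
    return gf_inv(rotl(s, 1) ^ rotl(s, 3) ^ rotl(s, 6) ^ 0x05)
def parity(x):
    return bin(x).count("1") & 1

PREDICTED = [parity(sbox(a)) for a in range(256)]  # stands in for predictor logic

def checked_sbox(a, fault=0):  # fault: XOR mask injected at the S-box output
    out = sbox(a) ^ fault
    return out, parity(out) != PREDICTED[a]
```

A single parity bit flags any odd number of flipped output bits, while an even-weight mask such as 0x03 passes unnoticed, which is why coverage depends on checking at more than one point.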
![Page 44: Fault Detection Scheme for AES Using Composite Field](https://reader036.fdocuments.in/reader036/viewer/2022062319/5583b874d8b42a410e8b4623/html5/thumbnails/44.jpg)
QUERIES?
AJAL.A.J
MOB: 0-8907305642