电子学报 ›› 2018, Vol. 46 ›› Issue (11): 2650-2659.DOI: 10.3969/j.issn.0372-2112.2018.11.012

• 学术论文 • 上一篇    下一篇

基于冗余有限域算术的AES S盒高效故障检测方案

戴强, 戴紫彬, 李伟   

  1. 解放军信息工程大学, 河南郑州 450001
  • 收稿日期:2017-11-03 修回日期:2018-01-28 出版日期:2018-11-25
    • 作者简介:
    • 戴强 男,1991年生于江西乐安.信息工程大学博士生,主要研究方向为安全专用芯片设计、密码硬件故障检测与容忍、可重构计算.E-mail:xierunyan123@163.com;戴紫彬 男,1966年生于河南商丘.信息工程大学教授,博士生导师.研究方向为专用芯片设计、可重构芯片、可重构SoC设计;李伟 男,1983年生于天津.博士,副教授,主要研究方向可重构计算、密码处理器研究.
    • 基金资助:
    • 国家自然科学基金 (No.61404175)

Highly Efficient Fault Detection Schemes for AES S-Box Based on Redundant GF Arithmetic

DAI Qiang, DAI Zi-bin, LI Wei   

  1. PLA Information Engineering University, Zhengzhou, Henan 450001, China
  • Received:2017-11-03 Revised:2018-01-28 Online:2018-11-25 Published:2018-11-25
    • Supported by:
    • National Natural Science Foundation of China (No.61404175)

摘要: 为使AES S盒的多奇偶校验故障检测方案具备预期故障检测能力,提出了由预期故障覆盖率确定预测奇偶总数的参数计算模型.根据模型确定的预测奇偶总数,为基于冗余有限域算术的S盒定制了两种多分块多奇偶校验的故障检测方案.推导优化了各分块预测奇偶计算公式,并通过穷举搜索找到了使整个电路结构最优的多项式系数与映射矩阵.仿真结果表明两种方案的随机多故障覆盖率均约为97%,验证了参数计算模型的有效性,突发故障覆盖率分别约为61.8%、76.3%,优于已有文献中大部分故障检测方案.综合结果表明,对比于已有文献中具有相似故障检测能力的故障检测S盒电路,所设计电路的面积-延时积最小.

关键词: AES, S盒, 复合域, 故障检测

Abstract: In order to achieve the expected fault detection capability for the multi-parity based fault detection scheme of AES S-box, a parameter calculation model was proposed to determine the total number of predicted parities according to the expected fault coverage. Two multi-parity based fault detection schemes which divided S-box based on redundant GF arithmetic into multiple blocks were designed on the basis of that number calculated by the model. The formulas for predicting the parity of each block was derived and optimized, and the polynomial coefficients and the mapping matrices were found by exhaustive search to get the optimum circuit. The simulation results show that the fault coverage of the two fault detection schemes is both about 97% for the random multiple faults which verifies the effectiveness of the parameter calculation model. The fault coverage of the two schemes for the burst faults are 61.8% and 76.3%, respectively, which are better than most fault detection schemes in existing works. Synthesis results show that the area-delay products of the two S-box circuits with fault detection capability are smallest compared to their counterparts with similar fault detection capabilities in existing literatures.

Key words: advanced encryption standard (AES), S-box, composite fields, fault detection

中图分类号: