基于冗余有限域算术的AES S盒高效故障检测方案

doi:10.3969/j.issn.0372-2112.2018.11.012

电子学报 ›› 2018, Vol. 46 ›› Issue (11): 2650-2659.DOI: 10.3969/j.issn.0372-2112.2018.11.012

基于冗余有限域算术的AES S盒高效故障检测方案

戴强, 戴紫彬, 李伟

解放军信息工程大学, 河南郑州 450001

收稿日期:2017-11-03 修回日期:2018-01-28 出版日期:2018-11-25
- 作者简介:
- 戴强男,1991年生于江西乐安.信息工程大学博士生,主要研究方向为安全专用芯片设计、密码硬件故障检测与容忍、可重构计算.E-mail:xierunyan123@163.com;戴紫彬 男,1966年生于河南商丘.信息工程大学教授,博士生导师.研究方向为专用芯片设计、可重构芯片、可重构SoC设计;李伟男,1983年生于天津.博士,副教授,主要研究方向可重构计算、密码处理器研究.
- 基金资助:
- 国家自然科学基金 (No.61404175）

Highly Efficient Fault Detection Schemes for AES S-Box Based on Redundant GF Arithmetic

DAI Qiang, DAI Zi-bin, LI Wei

PLA Information Engineering University, Zhengzhou, Henan 450001, China

Received:2017-11-03 Revised:2018-01-28 Online:2018-11-25 Published:2018-11-25
- Supported by:
- National Natural Science Foundation of China (No.61404175)

摘要/Abstract

摘要： 为使AES S盒的多奇偶校验故障检测方案具备预期故障检测能力，提出了由预期故障覆盖率确定预测奇偶总数的参数计算模型.根据模型确定的预测奇偶总数，为基于冗余有限域算术的S盒定制了两种多分块多奇偶校验的故障检测方案.推导优化了各分块预测奇偶计算公式，并通过穷举搜索找到了使整个电路结构最优的多项式系数与映射矩阵.仿真结果表明两种方案的随机多故障覆盖率均约为97%，验证了参数计算模型的有效性，突发故障覆盖率分别约为61.8%、76.3%，优于已有文献中大部分故障检测方案.综合结果表明，对比于已有文献中具有相似故障检测能力的故障检测S盒电路，所设计电路的面积-延时积最小.

关键词: AES, S盒, 复合域, 故障检测

Abstract: In order to achieve the expected fault detection capability for the multi-parity based fault detection scheme of AES S-box, a parameter calculation model was proposed to determine the total number of predicted parities according to the expected fault coverage. Two multi-parity based fault detection schemes which divided S-box based on redundant GF arithmetic into multiple blocks were designed on the basis of that number calculated by the model. The formulas for predicting the parity of each block was derived and optimized, and the polynomial coefficients and the mapping matrices were found by exhaustive search to get the optimum circuit. The simulation results show that the fault coverage of the two fault detection schemes is both about 97% for the random multiple faults which verifies the effectiveness of the parameter calculation model. The fault coverage of the two schemes for the burst faults are 61.8% and 76.3%, respectively, which are better than most fault detection schemes in existing works. Synthesis results show that the area-delay products of the two S-box circuits with fault detection capability are smallest compared to their counterparts with similar fault detection capabilities in existing literatures.

Key words: advanced encryption standard (AES), S-box, composite fields, fault detection

中图分类号:

TP302

戴强, 戴紫彬, 李伟. 基于冗余有限域算术的AES S盒高效故障检测方案[J]. 电子学报, 2018, 46(11): 2650-2659.

DAI Qiang, DAI Zi-bin, LI Wei . Highly Efficient Fault Detection Schemes for AES S-Box Based on Redundant GF Arithmetic[J]. Acta Electronica Sinica, 2018, 46(11): 2650-2659.

参考文献

[1] 王沁,梁静,齐悦.一种有效缩减AES算法S盒面积的组合逻辑优化设计[J].电子学报,2010,38(4):939-942. WANG Qin,LIANG Jing,QI Yue.The area optimized implementation of S-box in AES algorithm[J].Acta Electronica Sinica,2010,38(4):939-942.(in Chinese)
[2] GUO Xiao-fei,Ramesh Karri.Recomputing with permuted operands:A concurrent error detection approach[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2013,32(10):1595-1608.
[3] Malkin TG,Standaert FX,Yung M.A comparative cost/security analysis of fault attack countermeasures[A].Proceedings of 3rd International Workshop on Fault Diagnosis & Tolerance in Cryptography[C].Yokohama:Springer,2006.159-172.
[4] Maistri P,Leveugle R.Double-data-rate computation as a countermeasure against fault analysis[J].IEEE Transactions on Computers,2008,57(11):1528-1539.
[5] GUO Xiao-fei,Mukhopadhyay D,JIN Cheng-lu,et al.NREPO:Normal basis recomputing with permuted operands[A].Proceedings of the 2014 IEEE International Symposium on Hardware-oriented Security & Trust[C].Arlington:IEEE,2014.118-123.
[6] YEN Chih-hsu,WU Bing-fei.Simple error detection methods for hardware implementation of advanced encryption standard[J].IEEE Transactions on Computers,2006,55(6):720-731.
[7] Karpovsky M,Kulikowski KJ,Taubin A.Robust protection against fault-injection attacks on smart cards implementing the advanced encryption standard[A].Proceedings of 34th Annual IEEE/IFIP International Conference on Dependable Systems & Networks[C].Florence:IEEE,2004.93-101.
[8] Mozaffari-Kermani M,Reyhani-Masoleh A.Parity-based fault detection architecture of S-box for advanced encryption standard[A].Proceedings of the 21st IEEE International Symposium on Defect and Fault-Tolerance in VLSI Systems[C].Arlington:IEEE,2006.572-580.
[9] WU Shee-yau,YEN Huang-ting.On the S-box architectures with concurrent error detection for the advanced encryption standard[J].Ieice Transactions on Fundamentals of Electronics Communications & Computer Sciences,2006,89-A(10):2583-2588.
[10] Mozaffari-Kermani M,Jalali A,Azarderakhsh R,et al.Reliable inversion in GF(2⁸) with redundant arithmetic for secure error detection of cryptographic architectures[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2018,37(3):696-704.
[11] 赵佳,韩军,曾晓洋,等.AES算法的并发错误检测方法及其VLSI实现[J].计算机研究与发展,2009,46(4):593-601. ZHAO Jia,HAN Jun,ZENG Xiao-yang,et al.A two-dimensional parity-based concurrent error detection method for AES against differential fault attack and its VLSI implementation[J].Journal of Computer Research and Development,2009,46(4):593-601.(in Chinese)
[12] 晏巍,王奕,李仁发.低成本AES错误检测方案的FPGA实现[J].小型微型计算机系统,2015,36(7):1644-1648. YAN Wei,WANG Yi,LI Ren-fa.Low cost fault detection scheme for AES using FPGA implementation[J].Journal of Chinese Computer Systems,2015,36(7):1644-1648.(in Chinese)
[13] Mozaffari-Kermani M,Reyhani-Masoleh A.Concurrent structure-independent fault detection schemes for the advanced encryption standard[J].IEEE Transactions on Computers,2010,59(5):608-622.
[14] Mozaffari-Kermani M,Reyhani-Masoleh A.A lightweight concurrent fault detection scheme for the AES S-boxes using normal basis[A].Proceedings of 10th International Workshop on Cryptographic Hardware and Embedded Systems[C].Washington:Springer,2008.113-129.
[15] Mozaffari-Kermani M,Reyhani-Masoleh A.A lightweight high-performance fault detection scheme for the advanced encryption standard using composite fields[J].IEEE Transactions on VLSI Systems,2011,19(1):85-91.
[16] Ahmad N.Parity based fault detection techniques for S-box/inv S-box advanced encryption system[J].ARPN Journal of Engineering and Applied Sciences,2015,10(19):9088-9092.
[17] Mozaffari-Kermani M,Reyhani-Masoleh A.A low-power high-performance concurrent fault detection approach for the composite field S-box and inverse S-box[J].IEEE Transactions on Computers,2011,60(9):1327-1340.
[18] Ueno G,Homma N,Sugawara Y,et al.Highly efficient GF(2⁸) inversion circuit based on redundant GF arithmetic and its application to AES design[A].Proceedings of 17th International Workshop on Cryptographic Hardware and Embedded Systems[C].Saint-Malo:Springer,2015.63-80.
[19] Itoh T,Tsujii S.A fast algorithm for computing multiplicative inverses in GF(2^m) using normal bases[J].Information and Computation,1988,78(3):171-177.
[20] Breveglieri L,Koren I,Maistri P.An operation-centered approach to fault detection in symmetric cryptography ciphers[J].IEEE Transactions on Computers,2007,56(5):635-649.
[21] Aghaie A,Mozaffari-Kermani M,Azarderakhsh R.Reliable and fault diagnosis architectures for hardware and software-efficient block cipher KLEIN benchmarked on FPGA[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2017,PP(99):1-1.
[22] ZHANG Xin-miao,Parhi KK.On the optimum constructions of composite field for the AES algorithm[J].IEEE Transactions on Circuits & Systems Ⅱ Express Briefs,2006,53(10):1153-1157.
[23] 曾纯,吴宁,张肖强,等.基于多因子CSE算法的AES S盒电路优化设计[J].电子学报,2014,42(6):1238-1243. ZENG Chun,WU Ning,ZHANG Xiao-qiang,et al.The optimization circuit design of AES S-box based on a multiple-term common subexpression elimination algorithm[J].Acta Electronica Sinica,2014,42(6):1238-1243.(in Chinese)
[24] Bertoni G,Breveglieri L,Koren I,et al.Error analysis and detection procedures for a hardware implementation of the advanced encryption standard[J].IEEE Transactions on Computers,2003,52(4):492-505.

基于冗余有限域算术的AES S盒高效故障检测方案

Highly Efficient Fault Detection Schemes for AES S-Box Based on Redundant GF Arithmetic

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	王安, 谷睿, 丁瑶玲, 张雪, 袁庆军, 祝烈煌. 基于持续性故障的分组密码算法S盒表逆向分析[J]. 电子学报, 2023, 51(3): 537-551.
[2]	张志涵, 朱凤增, 彭力. 基于自适应事件触发的跳变系统故障检测滤波[J]. 电子学报, 2023, 51(2): 499-507.
[3]	赵耿, 马英杰, 陈磊, 董有恒, 侯艳丽. 基于扰动时空混沌系统的动态S盒设计[J]. 电子学报, 2022, 50(8): 2037-2042.
[4]	黄俊君, 关杰. 基于元胞自动机的S盒的性质与神经网络实现研究[J]. 电子学报, 2020, 48(12): 2462-2468.
[5]	樊昊鹏, 袁庆军, 王向宇, 王永娟, 王涛. 针对AES-128算法的密钥优势模板攻击[J]. 电子学报, 2020, 48(10): 2003-2008.
[6]	肖振华, 梁意文, 谭成予, 周雯, 刘维炜. 基于数值微分的树突状细胞故障检测方法[J]. 电子学报, 2019, 47(5): 1029-1035.
[7]	戴强, 戴紫彬, 李伟. 基于增强型延时感知CSE算法的AES S盒电路优化设计[J]. 电子学报, 2019, 47(1): 129-136.
[8]	施泰荣, 关杰, 刘文哲. AEGIS算法的弱状态分析[J]. 电子学报, 2018, 46(9): 2102-2107.
[9]	韩丹丹, 闵乐泉, 赵耿, 张丽姣, 闫世杰. 一维鲁棒混沌映射及S盒的设计[J]. 电子学报, 2015, 43(9): 1770-1775.
[10]	廖勇, 代学武, 周昕. 基于特征根优化的无线网络控制系统故障检测滤波器设计[J]. 电子学报, 2015, 43(6): 1236-1240.
[11]	曾纯, 吴宁, 张肖强, 周芳, 叶云飞. 基于多因子CSE算法的AES S-盒电路优化设计[J]. 电子学报, 2014, 42(6): 1238-1243.
[12]	朱喜华, 李颖晖, 李宁, 曹华金. 基于改进离散粒子群算法的传感器布局优化设计[J]. 电子学报, 2013, 41(10): 2104-2108.
[13]	向涛;余晨韵;屈晋宇;罗小松. 基于改进AES加密算法的DICOM医学图像安全性研究[J]. 电子学报, 2012, 40(2): 406-411.
[14]	侯彦东;文成林;陈志国. 多传感器故障检测与隔离的残差产生器设计方法研究[J]. 电子学报, 2011, 39(2): 429-434.
[15]	王沁;梁静;齐悦 . 一种有效缩减AES算法S盒面积的组合逻辑优化设计[J]. 电子学报, 2010, 38(4): 939-0942.