A Lightweight Concurrent Fault Detection Scheme for the AES S-Boxes Using Normal Basis
نویسندگان
چکیده
The use of an appropriate fault detection scheme for hardware implementation of the Advanced Encryption Standard (AES) makes the standard robust to the internal defects and fault attacks. To minimize the overhead cost of the fault detection AES structure, we present a lightweight concurrent fault detection scheme for the composite field realization of the S-box using normal basis. The structure of the S-box is divided into blocks and the predicted parities of these blocks are obtained. Through an exhaustive search among all available composite fields and transformation matrices that map the polynomial basis representation in binary field to the normal basis representation in composite field, we have found the optimum solution for the least overhead S-box and its parity predictions. Finally, using FPGA implementations, the complexities of the proposed schemes are compared to those of the previously reported ones. It is shown that the FPGA implementations of the S-box using normal basis representation in composite fields outperform the traditional ones using polynomial basis for both with and without fault detection capability.
منابع مشابه
Fault Detection Scheme for AES Using Optimization for Mix Column
In this paper for existing concurrent structure independent fault detection schemes with new technique for the fault detection of sub bytes and inverse sub bytes using the relation between the input and output of the S-box, the formulation of mix column are implemented for AES, which results in the reduction of area coverage and power consumption along with the error coverage of greater than 99...
متن کاملUltra-lightweight 8-bit Multiplicative Inverse Based S-box Using LFSR
Most of the lightweight block ciphers are nibble-oriented as the implementation of a 4-bit S-box is much more compact than an 8-bit S-box. This paper proposes a novel implementation of multiplicative inverse for 8-bit S-boxes using LFSR requiring only 138 gate-equivalent. It can be shown that if such S-boxes are adopted for the AES it takes less than 50 gate-equivalent per S-box in parallel imp...
متن کاملTotal break of Zorro using linear and differential attacks
An AES-like lightweight block cipher, namely Zorro, was proposed in CHES 2013. While it has a 16-byte state, it uses only 4 S-Boxes per round. This weak nonlinearity was widely criticized, insofar as it has been directly exploited in all the attacks on Zorro reported by now, including the weak key, reduced round, and even full round attacks. In this paper, using some properties discovered by Wa...
متن کاملConcurrent Error Detection in S-boxes
In this paper we present low -cost, concurrent checking methods for multiple error detection in S-boxes of symmetric block ciphers. These are redundancy-based fault detection schemes. We describe some studies of parity based concurrent error detection in S-boxes. Probability of multiple error detection is analyzed for random data. In this work 48-input, 32-output substitution blocks are taken i...
متن کاملDesign of Least Complex S - Box and its Fault Detection for Robust AES Algorithm
Advanced Encryption Standard (AES) is the symmetric key standard for encryption and decryption. In this work, a 128-bit AES encryption and decryption using Rijndael Algorithm is designed and synthesized using verilog code. The fault detection scheme for their hardware implementation plays an important role in making the AES robust to the internal and malicious faults. In the proposed AES, a com...
متن کامل