Design of fault-resilient S-boxes for AES-like block ciphers. (English) Zbl 1468.94407

Summary: Substitution functions (S-boxes) play an important role in the security of AES-like cryptosystems, yet these cryptosystems are highly vulnerable to fault injection attacks. Previous research has addressed fault injection attacks on AES, but most of the countermeasures are restricted to fault detection only, and they achieve it at the cost of the large amount of hardware needed to duplicate the S-boxes. In this paper, we present a design construction of fault-resilient S-boxes for AES-like block ciphers that provides both fault detection and fault correction. The random evolution of cellular automata with linear and nonlinear neighborhood functions is exploited to design these S-boxes. The proposed design guarantees \(100\%\) coverage of single-byte fault correction and double-byte fault detection in the S-boxes. An FPGA implementation shows that our design makes the substitution boxes fault-resilient with \(21.34\%\) extra hardware compared to the AES substitution layer.

MSC:

94A60 Cryptography
94A55 Shift register sequences and sequences over finite alphabets in information and communication theory
94B60 Other types of codes
68Q80 Cellular automata (computational aspects)