{"title":"A Continuous Fault Countermeasure for AES Providing a Constant Error Detection Rate","authors":"M. Medwed, Jörn-Marc Schmidt","doi":"10.1109/FDTC.2010.16","DOIUrl":null,"url":null,"abstract":"Many implementations of cryptographic algorithms have shown to be susceptible to fault attacks. To detect manipulations, countermeasures have been proposed. In the case of AES, most countermeasures deal with the non-linear and the linear part separately, which either leaves vulnerable points at the interconnections or causes different error detection rates across the algorithm. In this paper, we present a way to achieve a constant error detection rate throughout the whole algorithm. The use of extended AN+B codes together with redundant table lookups allows to construct a countermeasure that provides complete protection against adversaries who are able to inject faults of byte size or less. The same holds for adversaries who skip an instruction. Other adversaries are detected with a probability of more than $99\\%$.","PeriodicalId":127275,"journal":{"name":"2010 Workshop on Fault Diagnosis and Tolerance in Cryptography","volume":"68 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Workshop on Fault Diagnosis and Tolerance in Cryptography","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FDTC.2010.16","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 12
Abstract
Many implementations of cryptographic algorithms have been shown to be susceptible to fault attacks. To detect manipulations, countermeasures have been proposed. In the case of AES, most countermeasures deal with the non-linear and the linear part separately, which either leaves vulnerable points at the interconnections or causes different error detection rates across the algorithm. In this paper, we present a way to achieve a constant error detection rate throughout the whole algorithm. The use of extended AN+B codes together with redundant table lookups allows the construction of a countermeasure that provides complete protection against adversaries who are able to inject faults of byte size or less. The same holds for adversaries who skip an instruction. Other adversaries are detected with a probability of more than $99\%$.