    A Semi-Permanent Stuck-At Fault Analysis on AES Rijndael SBox

    Fault attacks have gained particular attention in recent years as they present a severe threat to security in rapidly rising Internet-of-Things (IoT) devices. IoT devices are generally security-critical and resource-constrained. Therefore, any security protocol deployed in these devices has to satisfy several constraints such as small area footprint, low power, and memory consumption. Combinational circuit implementation of S-box is preferable over look-up table (LUT) in terms of memory consumption as the memory operations are usually the costliest part of lightweight cipher implementations. In this work, we analyze the S-box of AES against a novel fault analysis technique, Semi-Permanent Stuck-At (SPSA) fault analysis. We pinpoint hotspots in an optimized implementation of AES S-box that weaken the cryptographic properties of the S-box, leading to key recovery attacks. Our work investigates new vulnerabilities towards fault analysis in combinational circuit implementation.

    A Faster Version of Rijndael Cryptographic Algorithm Using Cyclic Shift and Bitwise Operations

    Doing arithmetic in finite fields is a key part of the implementation of communication and coding systems, including the newly developed Rijndael, the Advanced Encryption Standard (AES). This encryption standard uses KeyExpansion, ByteSub, MixColumn and ShiftRow functions, which consist of XOR, inverse, multiply and swap modules. Among them, the inverse and multiplier are the most complex modules with the longest delay. These modules are included in the MixColumn function. From the proposal of AES, the MixColumn function was suggested to solve the problem of delay by using look-up tables. This function can be integrated into a bigger table to replace the calculations of inverse and multiply operations, if enough memory is provided. In fact, so many tables are needed for the various irreducible polynomials that this system is not flexible or expandable. The area for look-up tables becomes huge when multiple round units are implemented. This research proposes the use of cyclic shift and bitwise XOR operations as a new approach to replace the look-up table. The principal benefit of using this new approach over the transform from the Rijndael block cipher is speed. This new approach has shown excellent results, being faster than Rijndael. The speed of the new approach has consistently improved by between 18% and 22% (in microseconds) for encryption and 30% to 34% for decryption compared to the Rijndael algorithm.

    FPGA can be implemented by using Advanced Encryption Standard Algorithm

    This paper mainly focuses on the implementation of the AES encryption and decryption standard AES-128. All the transformations of both encryption and decryption are simulated using an iterative design approach in order to minimize the hardware consumption. This method can make it a very low-complexity architecture, especially in saving the hardware resources in implementing the AES InvSubBytes module and InvMixColumns module. As the S-box is implemented by look-up table in this design, the chip area and power can still be optimized. The new MixColumn transformation improves the performance of the inverse cipher and also reduces the complexity of the system that supports the inverse cipher. As a result, this transformation has relatively low relevant diffusion power. This allows for scaling of the architecture towards vulnerable portable and cost-sensitive communications devices in consumer and military applications.

    RTL-PSC: Automated Power Side-Channel Leakage Assessment at Register-Transfer Level

    Power side-channel attacks (SCAs) have become a major concern to the security community due to their non-invasive feature, low cost, and effectiveness in extracting secret information from hardware implementations of crypto algorithms. Therefore, it is imperative to evaluate whether the hardware is vulnerable to SCAs during its design and validation stages. Currently, however, there is little known effort in evaluating the vulnerability of hardware to SCAs at an early design stage. In this paper, we propose, for the first time, an automated framework, named RTL-PSC, for power side-channel leakage assessment of hardware crypto designs at register-transfer level (RTL) with built-in evaluation metrics. RTL-PSC first estimates the power profile of a hardware design using functional simulation at RTL. Then it utilizes the evaluation metrics, comprising the KL divergence metric and the success rate (SR) metric based on maximum likelihood estimation, to perform power side-channel leakage (PSC) vulnerability assessment at RTL. We analyze Galois-Field (GF) and Look-up Table (LUT) based AES designs using RTL-PSC and validate its effectiveness and accuracy through both gate-level simulation and FPGA results. RTL-PSC is also capable of identifying blocks inside the design that contribute the most to the PSC vulnerability, which can be used for efficient countermeasure implementation. Comment: 6 pages, 6 Figures, 37th IEEE VLSI Test Symposium (VTS'19), 201

    Minimizing Cache Timing Attack Using Dynamic Cache Flushing (DCF) Algorithm

    The Rijndael algorithm was unanimously chosen as the Advanced Encryption Standard (AES) by the panel of researchers at the National Institute of Standards and Technology (NIST) in October 2000. Since then, Rijndael was destined to be used massively in various software as well as hardware entities for encrypting data. However, a few years back, Daniel Bernstein devised a cache timing attack that was capable enough to break the Rijndael seal that encapsulates the encryption key. In this paper, we propose a new Dynamic Cache Flushing (DCF) algorithm which shows a set of pragmatic software measures that would make Rijndael impregnable to cache timing attacks. The simulation results demonstrate that the proposed DCF algorithm provides better security by encrypting the key in constant time. Comment: 7 pages, IEEE format, International Journal of Computer Science and Information Security, IJCSIS 2009, ISSN 1947 5500, Impact Factor 0.423 http://sites.google.com/site/ijcsis

    GPU Accelerated AES Algorithm

    It has been widely accepted that Graphics Processing Units (GPUs) are one of the promising schemes for encryption acceleration; in particular, the support of complex mathematical calculations such as integer and logical operations makes the implementation easier. However, complexities such as parallel granularity and memory allocation still impose a burden on real-world implementations. In this paper, we propose a new approach for Advanced Encryption Standard acceleration, including both encryption and decryption. Specifically, we adopt the Electronic Code Book mode for cryptographic transformation, a look-up table scheme for fast lookup, and a granularity of one state per thread for thread scheduling. Our experimental results offer researchers a good understanding of GPU architectures and software acceleration. In addition, both our source code and experimental results are freely available. Comment: 15 pages

    Performance Evaluation of Low Power MIPS Crypto Processor based on Cryptography Algorithms

    This paper presents the design and implementation of a low-power 32-bit encryption and decryption MIPS processor for the Data Encryption Standard (DES), Triple DES, and Advanced Encryption Standard (AES) based on the MIPS pipeline architecture. The organization of the pipeline stages has been done in such a way that the pipeline can be clocked at high frequency. The encryption and decryption blocks of the three standard cryptography algorithms on the MIPS processor, and the dependencies among them, are explained in detail with the help of a block diagram. A clock gating technique is used to reduce the power consumption in the MIPS crypto processor. This approach results in a processor that meets the power consumption and performance specifications for security applications. The proposed implementation approach achieves higher system performance while reducing operating power consumption. Testing results show that the MIPS crypto processor operates successfully at a working frequency of 218 MHz and a bandwidth of 664 Mbit/s.

    The resistance of an FPGA implementation of Grasshopper block cipher to CPA attacks

    In this paper, we implement the Russian standard block cipher Grasshopper on a Field-Programmable Gate Array (FPGA). We also study the Correlation Power Analysis (CPA) attack, which is a special type of side-channel attack proposed by Brier et al. To face this kind of attack, we propose a software countermeasure, and we present the associated implementation of the Grasshopper algorithm. These two implementations are then compared to an AES-256 one. Finally, through the implementation of a CPA attack on an FPGA development board, we show that typical attack models that work on AES fail on Grasshopper implementations. Comment: This article was also presented by Alexander A. Istomin and Éric Filiol at RusCrypto 201

    Data Protection: Combining Fragmentation, Encryption, and Dispersion, a final report

    Hardening data protection using multiple methods rather than 'just' encryption is of paramount importance when considering continuous and powerful attacks that aim to observe, steal, alter, or even destroy private and confidential information. Our purpose is to look at cost-effective data protection by way of combining fragmentation, encryption, and dispersion over several physical machines. This involves deriving general schemes to protect data everywhere throughout a network of machines where they are being processed, transmitted, and stored during their entire life cycle. This is being enabled by a number of parallel and distributed architectures using various sets of cores or machines ranging from General Purpose GPUs to multiple clouds. In this report, we first present a general and conceptual description of what a fragmentation, encryption, and dispersion system (FEDS) should be, including a number of high-level requirements such systems ought to meet. Then, we focus on two kinds of fragmentation. First, a selective separation of information into two fragments, a public one and a private one. We describe a family of processes and address not only the question of performance but also the questions of memory occupation, integrity or quality of the restitution of the information, and of course we conclude with an analysis of the level of security provided by our algorithms. Then, we analyze works first on general dispersion systems in a bitwise manner without data structure consideration; second on fragmentation of information considering data defined along an object-oriented data structure or along a record structure to be stored in a relational database.

    Secure and Computationally-Efficient Cryptographic Primitive based on Cellular Automation

    Mageto, a random number generator based on a one-dimensional cellular automaton (CA), is presented. Three procedures for secure implementation using Mageto are proposed and discussed. The implementations are very efficient in a wide range of hardware and software scenarios. This includes the advanced applications of the Internet of Things (IoT) and cyber-physical systems, which both need computationally-efficient cryptographic primitives. Furthermore, the proposed primitive is inherently resistant against Side Channel Attacks (SCA), whereas many currently available ciphers, such as AES, require additional hardware or software effort to prevent the SCA line of attack.