A Multiple Bit Parity Fault Detection Scheme for The Advanced Encryption Standard Galois/Counter Mode

The Advanced Encryption Standard (AES) is a symmetric-key block cipher for electronic data announced by the U.S. National Institute of Standards and Technology (NIST) in 2001. The encryption process is based on symmetric key (using the same key for both encryption and decryption) for block encryption of 128, 192, and 256 bits in size. AES and its standardized authentication Galois/Counter Mode (GCM) have been adopted in numerous security-based applications. GCM is a mode of operation for AES symmetric key cryptographic block ciphers, which has been selected for its high throughput rates in high speed communication channels. The GCM is an algorithm for authenticated encryption to provide both data authenticity and confidentiality that can be achieved with reasonable hardware resources. The hardware implementation of the AES-GCM demands tremendous amount of logic blocks and gates. Due to natural faults or intrusion attacks, faulty outputs in different logic blocks of the AES-GCM module results in erroneous output. There exist plenty of specific literature on methods of fault detection in the AES section of the AES-GCM. In this thesis, we consider a novel fault detection of the GCM section using parity prediction. For the purpose of fault detection in GCM, two independent methods are proposed. First, a new technique of fault detection using parity prediction for the entire GCM loop is presented. Then, matrix based CRC multiple-bit parity prediction schemes are developed and implemented. As a result, we achieve the fault coverage of about 99% with the longest path delay and area overhead of 23% and 10.9% respectively. The false alarm is 0.12% which can be ignored based on the number of injected faults

Cryptographic key distribution in wireless sensor networks: a hardware perspective

In this work the suitability of different methods of symmetric key distribution for application in wireless sensor networks are discussed. Each method is considered in terms of its security implications for the network. It is concluded that an asymmetric scheme is the optimum choice for key distribution. In particular, Identity-Based Cryptography (IBC) is proposed as the most suitable of the various asymmetric approaches. A protocol for key distribution using identity based Non-Interactive Key Distribution Scheme (NIKDS) and Identity-Based Signature (IBS) scheme is presented. The protocol is analysed on the ARM920T processor and measurements were taken for the run time and energy of its components parts. It was found that the Tate pairing component of the NIKDS consumes significants amounts of energy, and so it should be ported to hardware. An accelerator was implemented in 65nm Complementary Metal Oxide Silicon (CMOS) technology and area, timing and energy figures have been obtained for the design. Initial results indicate that a hardware implementation of IBC would meet the strict energy constraint of a wireless sensor network node