
    Keymill: Side-Channel Resilient Key Generator

    In the crypto community, it is widely acknowledged that any cryptographic scheme that is built with no countermeasure against side-channel analysis (SCA) can be easily broken. In this paper, we challenge this intuition. We investigate a novel approach in the design of cryptographic primitives that promotes inherent security against side-channel analysis without using redundant circuits. We propose Keymill, a new keystream generator that is immune against SCA attacks. Security of the proposed scheme depends on mixing key bits in a special way that expands the size of any useful key hypothesis to the full entropy, which enables SCA-security that is equivalent to the brute force. Doing so, we do not propose a better SCA countermeasure, but rather a new one. The current solution focuses exclusively on side-channel analysis and works on top of any unprotected block cipher for mathematical security. The proposed primitive is generic and can turn any block cipher into a protected mode using only 775 equivalent NAND gates, which is almost half the area of the best countermeasure available in the literature

    Low Complexity Sequential Normal Basis Multipliers over GF(2^m)

    For efficient hardware implementation of finite field arithmetic units, the use of a normal basis is advantageous. In this article, two architectures for multipliers over the finite field GF(2^m) are proposed. Both of these multipliers are of sequential type: after receiving the coordinates of the two input field elements, they go through m iterations (or clock cycles) to finally yield all the coordinates of the product in parallel. These multipliers are highly area efficient and require fewer logic gates even when compared with the most area efficient multiplier available in the open literature. This makes the proposed multipliers suitable for applications where the value of m is large but space is of concern, e.g., resource constrained cryptographic systems. Additionally, the AND gate count for one of the multipliers is � ������� � only. This implies that if the multiplication over GF(2^m) is performed using a suitable subfield ���������¦ � where �� � � and ������ � then the corresponding multiplier architecture will yield a highly efficient digit or word serial multiplier. Keywords: Finite field, Massey-Omura multiplier, optimal normal basis

    Secure Clustering and Symmetric Key Establishment in Heterogeneous Wireless Sensor Networks

    Information security in infrastructureless wireless sensor networks (WSNs) is one of the most important research challenges. In these networks, sensor nodes are typically sprinkled liberally in the field in order to monitor, gather, disseminate, and provide the sensed data to the command node. Various studies have focused on key establishment schemes in homogeneous WSNs. However, recent research has shown that achieving survivability in WSNs requires a hierarchy and heterogeneous infrastructure. In this paper, to address security issues in the heterogeneous WSNs, we propose a secure clustering scheme along with a deterministic pairwise key management scheme based on public key cryptography. The proposed security mechanism guarantees that any two sensor nodes located in the same cluster and routing path can directly establish a pairwise key without disclosing any information to other nodes. Through security performance evaluation, it is shown that the proposed scheme guarantees node-to-node authentication, high resiliency against node capture, and minimum memory space requirement.

    Parallel and High-Speed Computations of Elliptic Curve Cryptography Using Hybrid-Double Multipliers


    A Structure-independent Approach for Fault Detection Hardware Implementations of the Advanced Encryption Standard

    The Advanced Encryption Standard, which is used extensively for secure communications, has recently been accepted as a symmetric cryptography standard. However, internal faults induced by an attacker may leak confidential information and reveal the secret key. For this reason, several schemes for fault detection of the transformations and rounds in the encryption and decryption of the Advanced Encryption Standard have been proposed. In this paper, we present a structure-independent fault detection scheme for the Advanced Encryption Standard. The proposed scheme is independent of the way the S-box (inverse S-box) is constructed and can be used for both encryption and decryption. It can be applied both to S-boxes (and inverse S-boxes) using look-up tables and to those utilizing logic gate implementations based on composite fields. We have obtained the formulations for the fault detection of the SubBytes (inverse SubBytes) using the relation between the input and output of the S-box (inverse S-box). Then, we have proposed and simulated a signature-based structure-independent fault detection scheme. Moreover, the FPGA implementations of the original and the proposed schemes as well as their overhead are presented

    Reliable Hardware Architectures for the Third-Round SHA-3 Finalist Grostl Benchmarked on FPGA Platform

    The third round of competition for the SHA-3 candidates is ongoing to select the winning function in 2012. Although much attention has been devoted to the performance and security of these candidates, approaches for increasing their reliability have not been presented to date. In this paper, for the first time, we propose a high-performance scheme for fault detection of the SHA-3 round-three candidate Grostl which is inspired by the Advanced Encryption Standard (AES). We propose a low-overhead fault detection scheme by presenting closed formulations for the predicted signatures of different transformations of this SHA-3 third-round finalist. These signatures are derived to achieve low overhead and include one- or multi-bit parities and byte/word-wide predicted signatures. The proposed reliable hardware architectures for Grostl are implemented on the Xilinx Virtex-6 FPGA family to benchmark their hardware and timing characteristics. The results of our evaluations show high error coverage and acceptable overhead for the proposed scheme

    Parity Prediction of S-Box for AES

    In this paper, we present the parity prediction approach of the S-Box for designing high performance and fault detection structures of the AES. Unlike the traditional scheme which is based on using look-up tables, we use the logical gates implementation based on the composite fields for fault detection of S-Box in AES. We find closed formulations for the output parity bits of S-Box considering the composite-field transformation matrix and its inverse in GF(2^8) as well as the affine transformation. To the best of our knowledge, no closed formulations for parity prediction of the S-Box have been proposed in the open literature

    A Low-Cost S-Box for the Advanced Encryption Standard Using Normal Basis

    The Advanced Encryption Standard (AES) is a newly accepted secret key cryptographic standard for secure transfer of blocks of data. Among different transformations, the SubBytes transformation is the most expensive one in terms of the chip area and the power consumption in the hardware implementation of the AES. It consists of 16 S-boxes and hence the hardware optimization of the S-box is critical to reach a low-cost AES. In this paper, we present a low-cost S-box for the AES. Instead of using look-up tables for implementing the S-box, logic gate implementation based on a previously known low-complexity composite field using normal basis is utilized. Then, we present improved formulations for the inversion in the sub-fields within the S-box to reduce the area complexity of the implementations. After analyzing the complexities of the new architecture, we compare the ASIC implementation of the proposed S-box using 0.18 µm CMOS technology with the previous ones. It is shown that the presented scheme has the lowest power consumption and area compared to its counterparts available in the open literature

    Parity-Based Fault Detection Architecture of S-box for Advanced Encryption Standard

    In this paper, the authors present a parity-based fault detection architecture of the S-box for designing high performance fault detection structures of the advanced encryption standard. Instead of using look-up tables for the S-box and its parity prediction, logical gate implementations based on the composite field are utilized. After analyzing the error propagation for injected single faults, the authors modify the original S-box and suggest a fault detection architecture for the S-box. Using the closed formulations for the predicted parity bits, the authors propose a parity-based fault detection scheme for reaching the maximum fault coverage. Moreover, the overhead costs, including space complexity and time delay of the modified S-box and the parity predictions, are also compared to those of the previously reported ones

    Efficient and High-Performance Parallel Hardware Architectures for the AES-GCM

    Since its acceptance as the adopted symmetric-key algorithm, the Advanced Encryption Standard (AES) and its recently standardized authentication Galois/Counter Mode (GCM) have been utilized in various security-constrained applications. Many of the AES-GCM applications are power and resource constrained and require efficient hardware implementations. In this paper, different application-specific integrated circuit (ASIC) architectures of building blocks of the AES-GCM algorithms are evaluated and optimized to identify the high-performance and low-power architectures for the AES-GCM. For the AES, we evaluate the performance of more than 40 S-boxes utilizing a fixed benchmark platform in 65-nm CMOS technology. To obtain the least complexity S-box, the formulations for the Galois Field (GF) subfield inversions in GF(2^4) are optimized. By conducting exhaustive simulations for the input transitions, we analyze the average and peak power consumptions of the AES S-boxes considering the switching activities, gate-level netlists, and parasitic information. Additionally, we present high-speed, parallel hardware architectures for reaching low-latency and high-throughput structures of the GCM. Finally, by investigating the high-performance GF(2^128) multiplier architectures, we benchmark the proposed AES-GCM architectures using quadratic and subquadratic hardware complexity GF(2^128) multipliers. It is shown that the performance of the presented AES-GCM architectures outperforms the previously reported ones in the utilized 65-nm CMOS technology