Table Redundancy Method for Protecting Against Fault Attacks
Fault attacks (FA) intentionally inject some fault into the encryption process for analyzing a secret key based on faulty intermediate values or faulty ciphertexts. One of the easy ways for software-based countermeasures is to use time redundancy. However, existing methods can be broken by skipping...
Published in: | IEEE access 2021, Vol.9, p.92214-92223 |
---|---|
Main authors: | , , |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | 92223 |
---|---|
container_issue | |
container_start_page | 92214 |
container_title | IEEE access |
container_volume | 9 |
creator | Lee, Seungkwang ; Jho, Nam-Su ; Kim, Myungchul |
description | Fault attacks (FA) intentionally inject some fault into the encryption process for analyzing a secret key based on faulty intermediate values or faulty ciphertexts. One of the easy ways for software-based countermeasures is to use time redundancy. However, existing methods can be broken by skipping comparison operations or by using non-uniform distributions of faulty intermediate values. In this paper, we propose a secure software-based redundancy, aptly named table redundancy, applying different linear and nonlinear transformations to redundant computations of table-based block cipher structures. To reduce the table size and the number of lookups, some outer tables that are not subjected to FA are shared, while the inner tables are protected by table redundancy. The basic idea is that different transformations protecting redundant computations are correctly decoded if the redundant outcomes are combined without faulty values. In addition, this recombination provides infective computations because a faulty byte is likely to propagate its error to adjacent bytes due to the use of 32-bit linear transformations. Our method also presents a stateful feature in the connection with detected faults and subsequent plaintexts for preventing iterative fault injection. We demonstrate the protection of AES-128 against FA and show a negligible advantage of FA. |
doi_str_mv | 10.1109/ACCESS.2021.3092314 |
format | Article |
fulltext | fulltext |
identifier | ISSN: 2169-3536 |
ispartof | IEEE access, 2021, Vol.9, p.92214-92223 |
issn | 2169-3536 2169-3536 |
language | eng |
recordid | cdi_crossref_primary_10_1109_ACCESS_2021_3092314 |
source | IEEE Open Access Journals; DOAJ Directory of Open Access Journals; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals |
subjects | Algorithms ; block cipher ; Ciphers ; countermeasure ; Encoding ; Encryption ; fault attacks ; Fault detection ; Iterative methods ; Linear transformations ; Redundancy ; Software ; Software cryptography ; Table lookup |
title | Table Redundancy Method for Protecting Against Fault Attacks |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T18%3A08%3A08IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Table%20Redundancy%20Method%20for%20Protecting%20Against%20Fault%20Attacks&rft.jtitle=IEEE%20access&rft.au=Lee,%20Seungkwang&rft.date=2021&rft.volume=9&rft.spage=92214&rft.epage=92223&rft.pages=92214-92223&rft.issn=2169-3536&rft.eissn=2169-3536&rft.coden=IAECCG&rft_id=info:doi/10.1109/ACCESS.2021.3092314&rft_dat=%3Cproquest_cross%3E2547641038%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2547641038&rft_id=info:pmid/&rft_ieee_id=9465147&rft_doaj_id=oai_doaj_org_article_9c5d6b1dda9e487a8962462ba7b94835&rfr_iscdi=true |