A 100-Gbps Fault-Injection Attack-Resistant AES-256 Engine With 99.1%–99.99% Error Coverage in Intel 4 CMOS | IEEE Journals & Magazine | IEEE Xplore


Abstract:

Fault-injection (FI) attacks exploit corrupted ciphertexts from cryptographic hardware to extract the embedded secret key using directed laser pulses or voltage/clock glitches. Laser FI attacks mounted on an unprotected fully unrolled advanced encryption standard (AES)-256 engine in Intel 4 CMOS process demonstrate a minimum-time-to-disclosure (MTD) of 6.6 M encryptions to generate eight exploitable ciphertexts, reducing AES key search space to a single guess with differential fault analysis (DFA). In this article, we present a source-agnostic FI-attack-resistant AES-256 accelerator fabricated in Intel 4 CMOS. Arithmetic and parity-based checker circuits detect runtime faults in the nonlinear and linear portions of AES, respectively. Composite-field $GF(2^4)^2$ inverse checker, redundant affine parity circuits, and byte-interleaved register placement optimizations enable 99.1% error coverage against raster and box-scan laser FI attacks. The AES round datapath augmented with an all-digital laser detection circuit (LDC) provides a $13400\times$ higher margin for raster-based laser pulse injections. Finally, additional timing slack introduced on the checker datapath enables a 40-mV measured margin on parity predictor paths, ensuring that timing violations are first observed at critical round output bytes, leaving the parity signals uncorrupted during undervoltage attacks. Intel 4 CMOS measurements show a 0% performance impact from FI countermeasures while providing $111\times$ and $10000\times$ MTD improvements against laser and undervoltage attacks, respectively.
Published in: IEEE Journal of Solid-State Circuits ( Volume: 59, Issue: 1, January 2024)
Page(s): 79 - 89
Date of Publication: 25 August 2023
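
The two checker ideas named in the abstract (an arithmetic check on the nonlinear inverse and a parity check on the linear affine step) can be modeled in software for one S-box byte. This is an added example, not code or circuitry from the paper: it works at the byte level in $GF(2^8)$ rather than the composite field, and the function names and XOR fault masks are assumptions constructed for illustration.

```python
# Added illustration: byte-level software model, names are hypothetical.

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial 0x11B."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        a = ((a << 1) ^ 0x11B) if a & 0x80 else (a << 1)
        b >>= 1
    return r

def gf_inv(x):
    """x^254 is the inverse in GF(2^8); 0 maps to 0 as in AES."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, x)
    return r

def affine(y):
    """AES S-box affine step: y ^ rotl(y,1) ^ ... ^ rotl(y,4) ^ 0x63."""
    r = 0x63
    for s in range(5):
        r ^= ((y << s) | (y >> (8 - s))) & 0xFF
    return r

def parity(v):
    return bin(v).count("1") & 1

def checked_sbox(x, fault_inv=0, fault_aff=0):
    """Return (output, error_flag); fault_* are constructed XOR fault masks."""
    y = gf_inv(x) ^ fault_inv        # nonlinear part, optionally faulted
    out = affine(y) ^ fault_aff      # linear part, optionally faulted
    # Arithmetic check: x * y must equal 1 (or both are 0).
    inv_ok = (gf_mul(x, y) == 1) if x else (y == 0)
    # Parity check: each input bit feeds 5 output bits and 0x63 has even
    # weight, so the affine output parity is predicted by parity(y).
    par_ok = parity(out) == parity(y)
    return out, not (inv_ok and par_ok)

def affine_fault_coverage(x):
    """Count of the 255 nonzero affine-output fault masks that are flagged."""
    return sum(checked_sbox(x, fault_aff=f)[1] for f in range(1, 256))

if __name__ == "__main__":
    print(checked_sbox(0x53))                  # fault-free
    print(checked_sbox(0x53, fault_inv=0x10))  # caught by inverse check
    print(affine_fault_coverage(0x53), "of 255 affine faults flagged")
```

In this model the multiplicative check flags every nonzero fault on the inverse output, while a single parity bit flags only odd-weight faults on the affine output, so a lone parity bit leaves even-weight faults undetected.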
