Design and evaluation of countermeasures against fault injection attacks and power side-channel leakage exploration for AES block cipher

Abstract

Differential Fault Analysis (DFA) and Power Analysis (PA) attacks, have become the main methods for exploiting the vulnerabilities of physical implementations of block ciphers, currently used in a multitude of applications, such as the Advanced Encryption Standard (AES). In order to minimize these types of vulnerabilities, several mechanisms have been proposed to detect fault attacks. However, these mechanisms can have a significant cost, not fully covering the implementations against fault attacks or not taking into account the leakage of the information exploitable by the power analysis attacks. In this paper, four different approaches are proposed with the aim of protecting the AES block cipher against DFA. The proposed solutions are based on Hamming code and parity bits as signature generators for the internal state of the AES cipher. These allow to detect DFA exploitable faults, from bit to byte level. The proposed solutions have been applied to a T-box based AES block cipher implemented on Field Programmable Gate Array (FPGA). Experimental results suggest a fault coverage of 98.5% and 99.99% with an area penalty of 9% and 36% respectively, for the parity bit signature generators and a fault coverage of 100% with an area penalty of 18% and 42% respectively when Hamming code signature generator is used. In addition, none of the proposed countermeasures impose a frequency degradation, in respect to the unprotected cipher. The proposed work goes further in the evaluation of the proposed DFA countermeasures by evaluating the impact of these structures in terms of power side-channel. The obtained results suggest that no extra information leakage is produced that can be exploited by PA. Overall, the proposed DFA countermeasures provide a high fault coverage protection with a low cost in terms of area and power consumption and no PA security degradation.