Concurrent Error Detection Schemes for Involution Ciphers

  • Nikhil Joshi
  • Kaijie Wu
  • Ramesh Karri
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3156)


Because of the rapidly shrinking dimensions in VLSI, transient and permanent faults arise and will continue to occur in the near future in increasing numbers. Since cryptographic chips are a consumer product produced in large quantities, cheap solutions for concurrent checking are needed. Concurrent Error Detection (CED) for cryptographic chips also has a great potential for detecting (deliberate) fault injection attacks where faults are injected into a cryptographic chip to break the key. In this paper we propose a low cost, low latency, time redundancy based CED technique for a class of symmetric block ciphers whose round functions are involutions. This CED technique can detect both permanent and transient faults with almost no time overhead. A function F is an involution if F(F(x))=x. The proposed CED architecture (i) exploits the involution property of the ciphers and checks if x=F(F(x)) for each of the involutional round functions to detect transient and permanent faults and (ii) uses the idle cycles in the design to achieve close to a 0% time overhead. Our preliminary ASIC synthesis experiment with the involutional cipher KHAZAD resulted in an area overhead of 23.8% and a throughput degradation of 8%. A fault injection based simulation shows that the proposed architecture detects all single-bit faults.


Concurrent Error Detection (CED) Fault Tolerance Involutional ciphers KHAZAD 


  1. 1.
    Boneh, D., DeMillo, R., Lipton, R.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)Google Scholar
  2. 2.
    Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. In: Proceedings of Crypto (August 1997)Google Scholar
  3. 3.
    Bloemer, J., Seifert, J.P.: Fault based cryptanalysis of the Advanced Encryption Standard,
  4. 4.
    Giraud, C.: Differential Fault Analysis on AES,
  5. 5.
    Quisquater, J.-J., Piret, G.: A Differential Fault Attack Technique Against SPN Structures, with Application to the AES and KHAZAD. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 77–88. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Karri, R., Wu, K., Mishra, P., Kim, Y.: Concurrent Error Detection of Fault Based Side Channel Cryptanalysis of 128-Bit Symmetric Block Ciphers. IEEE Transactions on CAD (December 2002)Google Scholar
  7. 7.
    Bertoni, G., Breveglieri, L., Koren, I., Piuri, V.: On the propagation of faults and their detection in a hardware implementation of the advanced encryption standard. In: Proceedings of ASAP 2002, pp. 303–312 (2002)Google Scholar
  8. 8.
    Bertoni, G., Breveglieri, L., Koren, I., Piuri, V.: Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard. IEEE Transactions on Computers 52(4), 492–505 (2003)CrossRefGoogle Scholar
  9. 9.
    Daemen, J., Rijmen, V., Barreto, P.S.L.M.: Rijndael: Beyond the AES. In: Mikulášská kryptobesídka 2002 – 3rd Czech and Slovak cryptography workshop, Prague, Czech Republic (December 2002)Google Scholar
  10. 10.
    Barreto, P.S.L.M., Rijmen, V.: The KHAZAD legacy-level Block Cipher. In: First open NESSIE Workshop, Leuven, November 13-14 (2000)Google Scholar
  11. 11.
    Biryukov, A.: Analysis of Involutional Ciphers: KHAZAD and ANUBIS. In: Proceedings of the 3rd NESSIE Workshop, pp. 45–53. Springer, HeidelbergGoogle Scholar
  12. 12.
    Daemen, J., Peeters, M., Assche, G., Rijmen, V.: The Noekeon Block Cipher. In: First Open NESSIE workshop (November 2000)Google Scholar
  13. 13.
    Barreto, P.S.L.M., Rijmen, V.: The ANUBIS Block Cipher. In: Primitive submitted to NESSIE (September 2000), available at
  14. 14.
    Standaert, F., Piret, G., Rouvroy, G.: ICEBERG: an involutional cipher Efficient for block encryption in Reconfigurable hardware. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 279–299. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  15. 15.
    Standaert, F., Rouvroy, G., Quisquater, J., Legat, J.: Efficient FPGA Implementations of Block Ciphers KHAZAD and MISTY1. In: Proceedings of the 3rd NESSIE Workshop, Munich (November 2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Nikhil Joshi
    • 1
  • Kaijie Wu
    • 1
  • Ramesh Karri
    • 1
  1. 1.Department of Electrical and Computer EngineeringPolytechnic UniversityBrooklynUSA

Personalised recommendations