Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

Paper 2014/912

Low-Cost Concurrent Error Detection for GCM and CCM

Xiaofei Guo and Ramesh Karri

Abstract

In many applications, encryption alone does not provide enough security. To enhance security, dedicated authenticated encryption (AE) mode are invented. Galios Counter Mode (GCM) and Counter with CBC-MAC mode (CCM) are the AE modes recommended by the National Institute of Standards and Technology. To support high data rates, AE modes are usually implemented in hardware. However, natural faults reduce its reliability and may undermine both its encryption and authentication capability. We present a low-cost concurrent error detection (CED) scheme for 7 AE architectures. The proposed technique explores idle cycles of the AE mode architectures. Experimental results shows that the performance overhead can be lower than 100% for all architectures depending on the workload. FPGA implementation results show that the hardware overhead in the 0.1-23.3% range and the power overhead is in the 0.2-23.2% range. ASIC implementation results show that the hardware overhead in the 0.1-22.8% range and the power overhead is in the 0.3-12.6% range. The underlying block cipher and hash module need not have CED built in. Thus, it allows system designers to integrate block cipher and hash function intellectual property from different vendors.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Minor revision. Journal of Electronic Testing: Theory and Applications
DOI
10.1007/s10836-014-5494-0
Keywords
concurrent error detectionfault attackreliabilityGCMCCMauthenticated encryptionsecret-key cryptographyAES
Contact author(s)
xg243 @ nyu edu
History
2014-11-05: received
Short URL
https://ia.cr/2014/912
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/912,
      author = {Xiaofei Guo and Ramesh Karri},
      title = {Low-Cost Concurrent Error Detection for {GCM} and {CCM}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/912},
      year = {2014},
      doi = {10.1007/s10836-014-5494-0},
      url = {https://eprint.iacr.org/2014/912}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.