Abstract
Fault injection-based cryptanalysis is one of the most powerful practical threats to modern cryptographic primitives. Popular countermeasures to such fault-based attacks generally use some form of redundant computation to detect and react to or correct the injected faults. However, such countermeasures have been shown to be vulnerable to selective fault injections. In this article, we aim to develop a cryptographic primitive that is fault tolerant by construction and does not require computing the same value multiple times. We utilize the effectiveness of Neural Networks (NNs), which show “some degree” of robustness by functioning correctly even after the occurrence of faults in any of their parameters. We also propose a novel strategy that enhances the fault tolerance of the implementation to a “high degree” (close to 100%) by incorporating selective constraints in the NN parameters during the training phase. We evaluated the performance of the revised NN considering both software and FPGA implementations for standard cryptographic primitives like the 8×8 AES SBox and the 4×4 PRESENT SBox. The results show that the fault tolerance of such implementations can be significantly increased with the proposed methodology. Such NN-based cryptographic primitives will provide inherent resistance against fault injections without requiring any redundancy countermeasures.
Index Terms
- Neural Network-based Inherently Fault-tolerant Hardware Cryptographic Primitives without Explicit Redundancy Checks