Research On The Chip Architectures Of Modular Arithmetic Resilient To Fault-injection Attacks

This work study the resistance of modular arithmetic components to hardware fault-injection attacks, propose the ASIC architectures and optimzation of a class of secure modular arithmetic components.Modular arithmetic with a large modulus is the essential and most time-consuming operation in many public key cryptographic systems, such as RSA and ECC. The effi-ciency and security of modular arithmetic components in hardware are two of the hottest research points in cryptography. The efficiency of modular arithmetic components in hardware has been studied extensively in literature. Researchers have developed a lot of techniques to optimize the architectures for modular arithmetic. On the other hand, the developments of attacks methods, especially the developments of fault-injection at-tacks, make the security of modular arithmetic components more critical. Errors either due to natural causes or deliberate fault injection by an attacker may make the modular arithmetic components unusable or may help the attacker to retrieve sensitive data. As a result, it's important to bring protection scheme to modular arithmetic components, which is also the focus point of this paper.First, we propose a class of secure systolic architectures for Montgomery modular multipliers over prime fields resilient to fault-injection attacks. Our secure architec-tures' resilience to fault-injection attacks is based on the detection and report of errors in arithmetic units caused by injected faults. Precisely, each of our secure architectures has two modules, in which one is a Main Function Module which computes Montgomery modular multiplication over prime fields, the other is an Error Detection Module which detects errors either due to natural causes or deliberate fault injection by an attacker. Moreover, the proposed Main Function Module is implemented as a high-radix systolic Montgomery modular multiplier which has several computing types. And the Error Detection Module uses linear arithmetic codes to detect and localize errors in arith-metic units caused by injected faults, and works in one of our error-detecting styles. Various combinations of computing types and error-detecting styles were explored to get some excellent secure architectures. The average error-reporting delays of these two error-detecting styles are much shorter than relative work on Montgomery modular mul-tiplication over binary fields. Injected faults can also be localized by the Error Detection Module of our error-detecting Style-II. We also optimized our secure architectures to maximum the throughput rate.Take the proposed secure1024-bit systolic Montgomery modular multipliers in ASIC for example. In our (32×3)-type secure architecture with an Error Detection Module of error-detecting Style-I, the error detection capability is over99.9985%, the hardware and time overhead ratios of the Error Detection Module are26.73%and0.73%, respectively, the average error-reporting delay is about8.56%of the whole MMM computing time, and the throughput rate of the Main Function Module is34.44%higher than the best relative scheme in. In addition, for our error-detecting Style-II, the detection capability of a single fault is over96.77%, and it grows exponentially with the increment of the number of injected faults. The error-reporting delay takes up only about1%of the whole MMM computing time. Moreover, with our error-detecting Style-?, we can not only detect but also localize array errors. The localizability of errors is90.63%in our secure architectures, on condition that the number of affected processing elements(PEs) is less than or equal to3.Secondly, the resistance to hardware fault-injection attacks is extended to modular division. The error detection capabilities are the same as in Montgomery modular multiplier over prime fields. Moreover, the output memory used to cache the result of modular division is decreased by optimizing the bit width of the processing elements in the systolic array.Lastly, the proposed secure Montgomery modular multiplier and modular divider are assembled together to construct secure RSA and ECC algorithms, and provide protection for public key cryptographic systems.