The Bypass Attack Resistance Of Symmetric Cipher Algorithm And Its Hardware Implementation

With the increasing demand for high secure information, cryptographic algorithms have been used in almost every concern of our lives. Among these algorithms, symmetric algorithms are mostly used to encrypt or decrypt large amount of data in a relatively short time. The most popular symmetric algorithm is the Advanced Encryption Standard, or the AES algorithm.Although AES algorithm has been evaluated from every security aspects when selecting, the side-channel attacks proposed after it put great threats on AES algorithm. These side-channel attack methods include fault analysis attack, power analysis attack, and electromagnetic analysis attack, etc. The differential fault analysis attack and differential power analysis attack are especially harmful to AES algorithm.In this paper, after briefly introducing the calculation flow and main operations in AES algorithm, a very low-cost VLSI implementation of AES algorithm is proposed. The proposal achieves high throughput under very low hardware cost, and has a much higher throughput to hardware cost ratio than those of previous designs.After that, fundamentals of fault analysis attack and power analysis attack are introduced, together with several previous countermeasure methods and their advantages and drawbacks. Then three side-channel resistant AES algorithms and their VLSI implementation schemes are proposed. These include a differential fault attack resistant AES algorithm with two-dimensional parity check to do concurrent error detection, a low-cost differential power analysis resistant AES algorithm and its VLSI implementation, as well as an AES algorithm against both differential fault analysis and differential power analysis.Based on the fundamentals of side-channel attacks, this paper verifies whether the three proposals above are effective against the side-channel attacks they aim at by simulations. Simulation results show that the two-dimensional parity check method for AES algorithm has much higher error coverage rate than those of traditional methods, and the differential power analysis resistant AES is not vulnerable to power analysis. Besides, a lot of methods, such as module reuse and pipeline structure, have been applied to reduce hardware cost and increase hardware speed and throughput of the three proposals. These schemes attribute to the good comparison results between the designs in this paper and previous designs.Finally, several proposals concerning future study on countermeasures of symmetric algorithms against side-channel attacks have been suggested.