Reliable Architecture-Oblivious Error Detection Schemes for Secure Cryptographic GCM Structures

Bibliographic Details
Published in: IEEE Transactions on Reliability, Vol. 68, no. 4, pp. 1347-1355
Main Authors: Kermani, Mehran Mozaffari; Azarderakhsh, Reza
Format: Journal Article
Language: English
Published: New York, IEEE, 01.12.2019
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)

Summary: To augment the confidentiality property provided by block ciphers with authentication, the Galois Counter Mode (GCM) has been standardized by the National Institute of Standards and Technology. The GCM is used as an add-on to 128-bit block ciphers, such as the Advanced Encryption Standard (AES), SMS4, or Camellia, to verify the integrity of data. Prior works on the error detection of the GCM either use linear codes to protect the GCM architectures or are based on AES-GCM architectures, confining the mechanisms to the AES block cipher. Although such structures are efficient, they are not only confined to specific architectures of the GCM but might also not fully take advantage of the parallel architectures of the GCM. Moreover, linear codes have been shown to be potentially ineffective with respect to biased faults. In this paper, we propose algorithm-oblivious constructions through recomputing with swapped ciphertext and additional authenticated blocks, which can be applied to the GCM architectures using different finite field multipliers in GF(2^128). Such obliviousness for the proposed constructions used in the GCM gives freedom to the designers. We present the results of error simulations and application-specific integrated circuit implementations to demonstrate the utility of the presented schemes. Based on the overhead/degradation tolerance for implementation/performance metrics, one can fine-tune the proposed method to achieve more reliable architectures for the GCM.
ISSN: 0018-9529, 1558-1721
DOI: 10.1109/TR.2018.2882484