Fault Attack Resistant Cryptographic Hardware with Uniform Error Detection

Traditional hardware error detection methods based on linear codes make assumptions about the typical or expected errors and faults and concentrate the detection power towards the expected errors and faults. These traditional methods are not optimal for the protection of hardware implementations of cryptographic hardware against fault attacks. An adversary performing a fault-based attack can be unpredictable and exploit weaknesses in the traditional implementations. To detect these attacks where no assumptions about expected error or fault distributions should be made we propose and motivate an architecture based on robust nonlinear systematic (n,k)-error-detecting codes. These code can provide uniform error detecting coverage independently of the error distributions. They make no assumptions about what faults or errors will be injected by an attacker and have fewer undetectable errors than linear codes with the same (n,k). We also present optimization approaches which provide for a tradeoff between the levels of robustness and required overhead for hardware implementations.