Fault Diagnosis and Tolerance in Cryptography

In recent years applied cryptography has developed considerably to satisfy the - creasing security requirements of various information technology disciplines, such as telecommunications, networking, database systems, mobile applications and others. Cryptosystems are inherently computationally complex and in order to satisfy the high throughput requirements of many applications, they are often implemented by means of either VLSI devices (cryptographic accelerators) or highly optimized software routines (cryptographic libraries) and are used via suitable (network) protocols. The sophistication of the underlying cryptographic algorithms, the high complexity of the implementations, and the easy access and low cost of cryptographic devices resulted in increased concerns regarding the reliability and security of crypto-devices. The effectiveness of side channel attacks on cryptographic devices, like timing and power-based attacks, has been known for some time. Several recent investigations have demonstrated the need to develop methodologies and techniques for designing robust cryptographic systems (both hardware and software) to protect them against both accidental faults and maliciously injected faults with the purpose of extracting the secret key. This trend has been particularly motivated by the fact that the equipment needed to carry out a successful side channel attack based on fault injection is easily accessible at a relatively low cost (for example, laser beam technology), and that the skills needed to use it are quite common. The identification of side channel attacks based on fault injections and the development of appropriate counter-measures have therefore become an active field of scientific and industrial research.

In recent years applied cryptography has developed considerably to satisfy the - creasing security requirements of various information technology disciplines, such as telecommunications, networking, database systems, mobile applications and others. Cryptosystems are inherently computationally complex and in order to satisfy the high throughput requirements of many applications, they are often implemented by means of either VLSI devices (cryptographic accelerators) or highly optimized software routines (cryptographic libraries) and are used via suitable (network) protocols. The sophistication of the underlying cryptographic algorithms, the high complexity of the implementations, and the easy access and low cost of cryptographic devices resulted in increased concerns regarding the reliability and security of crypto-devices. The effectiveness of side channel attacks on cryptographic devices, like timing and power-based attacks, has been known for some time. Several recent investigations have demonstrated the need to develop methodologies and techniques for designing robust cryptographic systems (both hardware and software) to protect them against both accidental faults and maliciously injected faults with the purpose of extracting the secret key. This trend has been particularly motivated by the fact that the equipment needed to carry out a successful side channel attack based on fault injection is easily accessible at a relatively low cost (for example, laser beam technology), and that the skills needed to use it are quite common. The identification of side channel attacks based on fault injections and the development of appropriate counter-measures have therefore become an active field of scientific and industrial research.