In this paper, we present a new low-cost concurrent error detection (CED) S-Box architecture for the Advanced Encryption Standard (AES). Because the complexity and the nonlinearity, it is difficult to develop error detection algorithms for the S-Box. Conventionally, a parity checked S-Box is implemented with ROM (read only memory). In some applications, for example, smart cards, both chip size and fault detection are demanded seriously. ROM-based parity checking cannot meet the demands. We propose our CED S-Box (CEDSB) architecture for two reasons. The first is to design a S-Box without ROM. The second is to obtain a compact S-Box with real time error detection. Based on the composite field, we develop the CEDSB architecture to implement the fault detection for the S-Box. The overhead of the CED for the S-Boxes in GF((24)2) and in GF(((22)2)2) are 152 and 132 NAND gates respectively. The amount of extra gates used for the CEDSB is nearly equal to that of the ROM-based CED S-Box (131 NAND gates). The chip area of the ROM-based CED S-Box, the CEDSBs in GF((24)2), and in GF(((22)2)2) are 2996, 558, and 492 NAND gates separately. The chip area of the CEDSB is more compact than a ROM-based CED S-Box.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Shee-Yau WU, Huang-Ting YEN, "On the S-Box Architectures with Concurrent Error Detection for the Advanced Encryption Standard" in IEICE TRANSACTIONS on Fundamentals,
vol. E89-A, no. 10, pp. 2583-2588, October 2006, doi: 10.1093/ietfec/e89-a.10.2583.
Abstract: In this paper, we present a new low-cost concurrent error detection (CED) S-Box architecture for the Advanced Encryption Standard (AES). Because the complexity and the nonlinearity, it is difficult to develop error detection algorithms for the S-Box. Conventionally, a parity checked S-Box is implemented with ROM (read only memory). In some applications, for example, smart cards, both chip size and fault detection are demanded seriously. ROM-based parity checking cannot meet the demands. We propose our CED S-Box (CEDSB) architecture for two reasons. The first is to design a S-Box without ROM. The second is to obtain a compact S-Box with real time error detection. Based on the composite field, we develop the CEDSB architecture to implement the fault detection for the S-Box. The overhead of the CED for the S-Boxes in GF((24)2) and in GF(((22)2)2) are 152 and 132 NAND gates respectively. The amount of extra gates used for the CEDSB is nearly equal to that of the ROM-based CED S-Box (131 NAND gates). The chip area of the ROM-based CED S-Box, the CEDSBs in GF((24)2), and in GF(((22)2)2) are 2996, 558, and 492 NAND gates separately. The chip area of the CEDSB is more compact than a ROM-based CED S-Box.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e89-a.10.2583/_p
Copy
@ARTICLE{e89-a_10_2583,
author={Shee-Yau WU, Huang-Ting YEN, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={On the S-Box Architectures with Concurrent Error Detection for the Advanced Encryption Standard},
year={2006},
volume={E89-A},
number={10},
pages={2583-2588},
abstract={In this paper, we present a new low-cost concurrent error detection (CED) S-Box architecture for the Advanced Encryption Standard (AES). Because the complexity and the nonlinearity, it is difficult to develop error detection algorithms for the S-Box. Conventionally, a parity checked S-Box is implemented with ROM (read only memory). In some applications, for example, smart cards, both chip size and fault detection are demanded seriously. ROM-based parity checking cannot meet the demands. We propose our CED S-Box (CEDSB) architecture for two reasons. The first is to design a S-Box without ROM. The second is to obtain a compact S-Box with real time error detection. Based on the composite field, we develop the CEDSB architecture to implement the fault detection for the S-Box. The overhead of the CED for the S-Boxes in GF((24)2) and in GF(((22)2)2) are 152 and 132 NAND gates respectively. The amount of extra gates used for the CEDSB is nearly equal to that of the ROM-based CED S-Box (131 NAND gates). The chip area of the ROM-based CED S-Box, the CEDSBs in GF((24)2), and in GF(((22)2)2) are 2996, 558, and 492 NAND gates separately. The chip area of the CEDSB is more compact than a ROM-based CED S-Box.},
keywords={},
doi={10.1093/ietfec/e89-a.10.2583},
ISSN={1745-1337},
month={October},}
Copy
TY - JOUR
TI - On the S-Box Architectures with Concurrent Error Detection for the Advanced Encryption Standard
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 2583
EP - 2588
AU - Shee-Yau WU
AU - Huang-Ting YEN
PY - 2006
DO - 10.1093/ietfec/e89-a.10.2583
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E89-A
IS - 10
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - October 2006
AB - In this paper, we present a new low-cost concurrent error detection (CED) S-Box architecture for the Advanced Encryption Standard (AES). Because the complexity and the nonlinearity, it is difficult to develop error detection algorithms for the S-Box. Conventionally, a parity checked S-Box is implemented with ROM (read only memory). In some applications, for example, smart cards, both chip size and fault detection are demanded seriously. ROM-based parity checking cannot meet the demands. We propose our CED S-Box (CEDSB) architecture for two reasons. The first is to design a S-Box without ROM. The second is to obtain a compact S-Box with real time error detection. Based on the composite field, we develop the CEDSB architecture to implement the fault detection for the S-Box. The overhead of the CED for the S-Boxes in GF((24)2) and in GF(((22)2)2) are 152 and 132 NAND gates respectively. The amount of extra gates used for the CEDSB is nearly equal to that of the ROM-based CED S-Box (131 NAND gates). The chip area of the ROM-based CED S-Box, the CEDSBs in GF((24)2), and in GF(((22)2)2) are 2996, 558, and 492 NAND gates separately. The chip area of the CEDSB is more compact than a ROM-based CED S-Box.
ER -