Hamming-code based fault detection design methodology for block ciphers

Fault injection, in particular Differential Fault Analysis (DFA), has become one of the main methods for exploiting vulnerabilities into the block ciphers currently used in a multitude of applications. In order to minimize this type of vulnerabilities, several mechanisms have been proposed to detect this type of attacks. However, these mechanisms can have a significant cost or not adequately cover the implementations against fault attacks. In this paper a novel approach is proposed, consisting in generating the signatures of the internal state using a Hamming code. This allows to cover a larger amount of faults allowing to detect even or odd bit changes, as well as multibit and multi-byte changes, the ones that make ciphers more vulnerable to DFA attacks. As case of study, this approach has been applied to the Advanced Encryption Standard (AES) block cipher implemented on FPGA using T-boxes. The results suggest a higher fault coverage with an overhead of 16% of resource consumption and without any penalty in the frequency degradation.