Abstract

We present a method of protecting a hardware implementation of the advanced encryption standard (AES) against a side-channel attack known as differential fault analysis attack. The method uses systematic nonlinear (cubic) robust error detecting codes. Error-detecting capabilities of these codes depend not just on error patterns (as in the case of linear codes) but also on data at the output of the device which is protected by the code and this data is unknown to the attacker since it depends on the secret key. In addition to this, the proposed nonlinear (n,k)-codes reduce the fraction of undetectable errors from 2/sup -r/ to 2/sup -2r/ as compared to the corresponding (n,k) linear code (where n - k = r and k >= r). We also present results on a FPGA implementation of the proposed protection scheme for AES as well as simulation results on efficiency of the robust codes.