M.-L. Flottes

Self-Test Techniques for Crypto-Devices

This paper describes a generic built-in self-test strategy for devices implementing symmetric encryption algorithms. Taking advantage of the inner iterative structures of crypto-cores, test facilities are easily set-up for circular self-test of the crypto-cores, built-in pseudorandom test generation and response analysis for other cores in the host device. Main advantages of the proposed test implementation are an architecture with no visible scan chain, 100% fault coverage on crypto-cores with negligible area overhead, availability of pseudorandom test sources, and very low aliasing response compaction for other cores.

An Integrated Validation Environment for Differential Power Analysis

Integrated systems represent the most common solution for storage and transmission of confidential data. However, cryptographic devices can be subject to passive attacks that consist in retrieving secret data by observing physical properties of the device (e.g. execution time, power consumption, electromagnetic field). An attack based on power analysis for instance is very efficient and relatively easy to perform. Designers implement this attack in order to see if their design meets the requirements in terms of resistance. In this paper we describe a complete and flexible environment for validation of a digital device when attacked by means of Differential Power Analysis.

An On-Line Fault Detection Scheme for SBoxes in Secure Circuits

In this paper we propose an on-line fault detection architecture for bijective Substitution Boxes used in cryptographic circuits. Concurrent fault detection is important not only to protect the encryption/decryption process from random and production faults, it also protects the system against side-channel attacks, in particular those based on fault injection. We will prove that our solution is very effective while keeping the area overhead very low. Besides, we will analyze the correlation between the information processed by the circuit and the power consumption in order to asses the quality of the solution with respect to other side- channel attacks such as Power Analysis techniques.

A Novel Parity Bit Scheme for SBox in AES Circuits

This paper addresses an efficient concurrent fault detection scheme for the SBox hardware implementation of the AES algorithm. Concurrent fault detection is important not only to protect the encryption/decryption process from random and production faults. It will also protect the system against side-channel attacks, in particular fault-based attacks, i.e. the injection of faults in order to retrieve the secret key. We will prove that our solution is very effective while keeping the area overhead very low.

A single built-in sensor to check pull-up and pull-down CMOS networks against transient faults

This work proposes a novel built-in current sensor for detecting transient faults of short and long duration as well as multiple faults in combinational and sequential logic. Unlike prior similar strategies, which are formed by pairs of PMOS and NMOS sensors, the proposed scheme is a single sensor connected to PMOS and NMOS bulks of the monitored logic. In comparison with existing transient-fault mitigation techniques, the paper presents very competitive results that indicate no performance penalty, and overheads of only 26 % in power consumption and 23 % in area.

A bulk built-in sensor for detection of fault attacks

This work presents a novel scheme of built-in current sensor (BICS) for detecting transient fault-based attacks of short and long duration as well as from different simultaneous sources. The new sensor is a single mechanism connected to PMOS and NMOS bulks of the monitored logic. The proposed protection strategy is also useful for improving any state-of-the-art Bulk-BICS from pairs of PMOS and NMOS sensors to single sensors.

Evaluation of concurrent error detection techniques on the Advanced Encryption Standard

Due to the shrinking of transistors dimensions in nowadays technologies, circuits are more and more sensitive to aging phenomenon, as well as soft errors. Furthermore cryptographic circuits are prone to fault attacks, which intend to retrieve secret data by mean of fault injection. Thus, concurrent fault detection is of prime interest for such crypto devices. The purpose of this paper is to compare several concurrent fault detection schemes dedicated to the hardware implementation of the advanced encryption standard. The schemes under comparison are directly issued from the literature or built from several complementary solutions. The evaluation of these schemes is performed in terms of costs and performance with particular emphasis on errors vs faults detection capabilities.

A Reliable Architecture for the Advanced Encryption Standard

In this paper we propose an on-line self-test architecture for hardware implementations of advanced encryption standard (AES). The solution assumes a parallel architecture and exploits the inherent spatial replications of this implementation. We show that our solution is very effective for on-line fault detection while keeping the area overhead very low. Moreover, it does not weak the device with respect to side-channel attacks based on power analysis.

Mixed-Signal Test Training at CRTC

Profiting its experience in organizing test training (until now more than 280 people have been trained through 35 one-week training courses), the CRTC (“Centre de Ressources de Test du CNFM”) proposes a new training dedicated to mixed-signal testing, in the field of both initial and continuing education. Using the mixed-signal testing capabilities of the HP83000 tester and exploiting its net accessibility, CRTC is able to deliver a complete mixed-signal test training, with remote test possibilities.

Evaluation of concurrent error detection techniques on the advanced encryption standard

Due to the shrinking of transistors dimensions in nowadays technologies, circuits are more and more sensitive to aging phenomenon, as well as soft errors. Furthermore cryptographic circuits are prone to fault attacks, which intend to retrieve secret data by mean of fault injection. Thus, concurrent fault detection is of prime interest for such crypto devices. The purpose of this paper is to compare several concurrent fault detection schemes dedicated to the hardware implementation of the advanced encryption standard. The schemes under comparison are directly issued from the literature or built from several complementary solutions. The evaluation of these schemes is performed in terms of costs and performance with particular emphasis on errors vs faults detection capabilities.