Arithmetic logic units with high error detection rates to counteract fault attacks

Modern security-aware embedded systems need protection against fault attacks. These attacks rely on intentionally induced faults. Such intentional faults have not only a different origin, but also a different nature than errors that fault-tolerant systems usually have to face. For instance an adversary who attacks the circuit with two lasers can potentially induce two errors at different positions. Such errors can not only defeat simple double modular redundancy schemes, but as we show, also naive schemes based on any linear code over GF(2). In this article, we describe arithmetic logic units (ALUs) which provide high error detection rates even in the presence of such errors. The contribution in this article is threefold. First, we show that the minimum weight of an undetected error is no longer defined by the code distance when certain arithmetic and logic operations are applied to the codewords. As a result, additional hardware is needed to preserve the minimum error weight for a given code. Second, we show that for multi-residue codes, these delicate operations are rare in typical smart card applications. This allows for an efficient time-area trade-off for checking the codewords and thus to significantly reduce the hardware costs for such a protected ALU. Third, we implement the proposed architectures and study the influence of the register file and a multiplier on the area and on the critical path.