Cryptography Reference
In-Depth Information
in Sects.
10.2
and
10.3
. Then, we briefly review the countermeasures based on
input randomization, point validation, and concurrent error detection for the ECC in
Sect.
10.4
.
10.2 Parity Code-Based Fault Detection
2
m
In this section, we review the fault detection approaches using parity codes in
GF
)
finite field multipliers. For each design, we briefly provide some background infor-
mation to clarify the terms and the formulation.
Let
F
(
(
z
)
be an irreducible polynomial of degree
m
defined as
z
m
f
m
−
1
z
m
−
1
F
(
z
)
=
+
+···+
f
1
z
+
f
0
,
(10.1)
2
m
where
f
i
∈
GF
(
2
)
and 0
≤
i
≤
m
−
1. The binary extension field
GF
(
)
can be
(
)
(
)
constructed using
F
z
. Assuming
x
is a root of the irreducible polynomial
F
z
,
x
2
x
m
−
1
(
)
=
{
,
,
,...,
}
i.e.
F
x
0, the polynomial basis (PB) is defined as the set
1
x
.
2
m
,
∈
(
)
Now,
A
B
GF
can be defined as
m
−
1
m
−
1
a
i
x
i
b
i
x
i
A
=
,
B
=
,
(10.2)
i
=
0
i
=
0
where
a
i
,
b
i
∈
GF
(
2
)
.
10.2.1 Single-Bit Parity-Based Approaches
In [139], a single-bit parity code-based approach was proposed to implement online
error detection for all one polynomial (AOP) multipliers. The AOP is defined as
F
z
m
z
m
−
1
(
z
)
=
+
+···+
z
+
1 and the multiplication is done modulo
F
(
x
)
, i.e.
C
. This multiplication is carried out
by the following matrix formulation using the extended PB
=
A
·
B
mod
F
(
x
)
, where
x
is a root of
F
(
z
)
x
m
−
1
x
m
{
1
,
x
,...,
,
}
:
⎡
⎣
⎤
⎦
⎡
⎣
⎤
⎦
⎡
⎣
⎤
⎦
c
m
c
m
−
1
c
1
c
0
a
0
a
1
···
a
m
b
m
b
m
−
1
b
1
b
0
a
m
a
0
···
a
m
−
1
.
.
.
.
=
,
(10.3)
a
2
a
3
···
a
1
a
1
a
2
···
a
0
=
i
=
0
a
i
x
i
,
B
=
i
=
0
b
i
x
i
, and
C
=
i
=
0
c
i
x
i
.
where
A