Cryptography Reference
In-Depth Information
The generation of
C
using the function
H
resembles the generation of the coor-
dinates of
C
using the function
F
by shifting the coordinates of
A
.
In [343], a single-bit parity code is used for fault detection in bit-serial and bit-
parallel PB multipliers. To explain this work, we recall that
F
(
x
)
=
0, and as a result
one can write (
10.1
)as
x
m
f
m
−
1
x
m
−
1
=
+···+
f
1
x
+
f
0
.
(10.5)
First, we present the following note to show a property of the irreducible polyno-
mial
F
(
z
)
.
Note 10.1
Since
F
(
z
)
is an irreducible polynomial, it is not divisible by
(
x
+
1
)
and
1. We can also state that
m
−
1
i
consequently
F
0 [343].
We start with the least significant bit (LSB) first bit-serial PB multiplier which is
shown in Fig.
10.1
using white blocks. This multiplier includes two
m
-bit registers
(
X
and
Y
), the
x
module, which computes a multiplication by
x
,followedbya
reduction modulo
F
(
1
)
=
f
i
=
=
0
. Also, the AND and XOR blocks perform logical AND and
XOR operations, respectively. To study the fault detection circuit for this multiplier,
the following lemma is presented.
(
x
)
=
m
−
1
i
A
Lemma 10.2
Let Q
=
A
·
xmodF
(
x
)
and
a
i
be the parity bit of A.
=
0
Q, is obtained as follows [343]:
Then, the parity bit of Q, i.e.
Q
=
A
+
a
m
−
1
,
where a
m
−
1
is the most significant coordinate of A defined in (
10.2
).
The other two operations in the LSB-first PB multiplier are field addition and mul-
tiplication by one bit. For these operations, one can define the following properties.
A
and
B
be their
2
m
Property 10.1
Let
A
and
B
be two field elements of
GF
(
)
, and
Q
=
A
+
B
.
parity bits, respectively. The parity bit of
Q
=
A
+
B
can be obtained as
2
m
A
be its parity bit. The parity
Property 10.2
Let
A
be a field element of
GF
(
)
and
Q
·
A
, where
b
bit of
Q
=
b
·
A
can be obtained as
=
b
∈
GF
(
2
)
.
The fault detection scheme for LSB-first bit-serial PB multiplier using a single-bit
parity code can be obtained using Lemma 10.2 and Properties 10.1 and 10.2. The
fault detection in the
x
module is based on Lemma 10.2. The fault detection in the
XOR and AND blocks are based on Properties 10.1 and 10.2, respectively. The final
fault detection circuit for the LSB-first bit-serial PB multiplier is shown in Fig.
10.1
a
using grey blocks.
The other bit-serial PB multiplier is based on a most significant bit (MSB) first
multiplication algorithm and is shown in Fig.
10.1
b. The building blocks of this
multiplier are similar to the ones of the LSB-first multiplier. The fault detection
circuit of this multiplier is shown in Fig.
10.1
b using gray blocks.
