Efficient Fault Detection Architectures for Modular Exponentiation Targeting Cryptographic Applications Benchmarked on FPGAs
Saeed Aghapour,Kasra Ahmadi,Mehran Mozaffari Kermani,Reza Azarderakhsh
2024-02-28
Abstract: Whether stemming from malicious intent or natural occurrences, faults and errors can significantly undermine the reliability of any architecture. In response to this challenge, fault detection assumes a pivotal role in ensuring the secure deployment of cryptosystems. Even when a cryptosystem boasts mathematical security, its practical implementation may remain susceptible to exploitation through side-channel attacks. In this paper, we propose a lightweight fault detection architecture tailored for modular exponentiation, a building block of numerous cryptographic applications spanning from classical cryptography to post quantum cryptography. Based on our simulation and implementation results on ARM Cortex-A72 processor, and AMD/Xilinx Zynq Ultrascale+, and Artix-7 FPGAs, our approach achieves an error detection rate close to 100%, all while introducing a modest computational overhead of approximately 7% and area overhead of less than 1% compared to the unprotected architecture. To the best of our knowledge, such an approach benchmarked on ARM processor and FPGA has not been proposed and assessed to date.
Cryptography and Security
What problem does this paper attempt to address?
This paper addresses how to efficiently detect faults and errors in modular exponentiation in cryptographic applications. Modular exponentiation is a core component of many classical and post-quantum cryptosystems, but in practical implementations it is vulnerable to side-channel attacks and fault-injection attacks. Ensuring its reliability and security is therefore crucial.
### Specific problems:
1. **The impact of faults and errors on the cryptosystem**: Whether they are caused maliciously or occur naturally, faults and errors seriously affect the reliability of the architecture. In a cryptosystem especially, even a single-bit change may lead to a completely different output.
2. **The shortcomings of existing methods**: Although some fault-detection methods already exist for specific cryptosystems, these methods usually introduce large computational overheads and may be unsafe or ineffective in some cases.
3. **The importance of modular exponentiation**: Modular exponentiation is the basis of many cryptosystems, including classical RSA, the Diffie-Hellman protocol, and some post-quantum cryptographic schemes (such as KAZ). A fault-detection method designed specifically for modular exponentiation therefore has wide application value.
### Goals of the paper:
- Propose a lightweight fault-detection architecture specifically for modular exponentiation.
- Use partial recomputation to keep the error-detection rate high while minimizing computational overhead and area overhead.
- Conduct simulation and implementation on the ARM Cortex-A72 processor and on FPGAs to verify the effectiveness of this method.
### Main contributions:
- **High error-detection rate**: This method achieves an error-detection rate close to 100% under multiple fault models.
- **Low computational overhead**: Compared with the unprotected architecture, the computational overhead increases by only about 7%, and the area overhead is less than 1%.
- **Wide applicability**: This method is applicable not only to classical cryptosystems but also to modular exponentiation in post-quantum cryptosystems.
Through these improvements, this paper provides an efficient and reliable fault-detection scheme that can be widely used in resource-constrained embedded devices.