Skip to Main Content
Public-key cryptographic devices are vulnerable to fault-injection attacks. As countermeasures, a number of secure architectures based on linear and nonlinear error detecting codes were proposed. Linear codes provide protection only against primitive adversaries with limited attack capabilities. On the other hand nonlinear codes provide protection against strong adversaries, but at the price of high area overhead (200%-400%). In this paper we propose a novel error detection technique based on the random selection of linear arithmetic codes and explore the use of this technique for the protection of the multiplier, which is a basic block in many public-key cryptographic devices. The error detection technique does not imply any limitations on the types of errors at the output of the device, e.g., the multiplicity of the error does not have to be small. Under mild assumptions the proposed construction achieves near nonlinear code error detection performance at a lower cost (at most 50% area overhead for the protection of multipliers) due to the fact that no nonlinear operations are needed for the encoder and decoder.