# I. Introduction ryptography is used in the data communication system to secure the information. The national institute of standards and technology (NIST) finalized the advance encryption standard in October 2000. AES is introduced after the data encryption standard (DES). AES algorithm is most frequently used due to its high frequency and simplicity. In AES during encryption it accepts a plain text input. Plain text input is limited to 128 bits and a key that can be specified to be 128 bit (AES-128) 192 or 256 bits to generate the cipher text. Round transformations are performed in AES. The four transformations includes sub bytes shift rows, mixed columns and add round keys. The objective of AES is to secure the information being transferred from a user and only the desired receiver with a secret key would retrieve the original data. But sometimes some malicious faults injected during the implementation of AES algorithm. Due to these faults AES does not ensure that the information is transferred reliably. There are several fault attacks on AES. To obtain the confidential information the differential fault analysis (DFA) attacks are based on injecting faults into the structure of AES. # II. Related Work Mestiri et al. [1] introduced a fault detection scheme, which is based on modified temporal redundancy for AES round it is used to detect transient single and multiple faults occurring at rub time. Round transformations are performed to detect the faults. The authors give the new scheme for fault detection in sub bytes and the inverted sub bytes using the relation between the input and output of S-box and inverted Sbox. Chu et al. [2] focused on the new method called as polynomial residue number system (PRNS) that is error detection method to secure the AES implementation. This scheme yields very good coverage and the distribution and parallelism characteristic of a PRNS error detecting system yields intrinsic resistance to some side channel attacks. Rajendran et al. [3] proposed a new mechanism called as CED which is based on the slide attacks. This mechanism is independent of the S-box scheme. It is applicable to all symmetric block ciphers. A. Reyhani -Masoleh et al. [4] proposed a structure independent low cost fault detection scheme for implementation of AES. The authors introduced new formulations for the fault detection in sub bytes and inverted sub bytes using arithmetic relations. The arithmetic relations are in between the input and the output of the S-box and inverted S-box. These schemes are independent of the way the S-box and the inverted S-box are implemented. From this related search, it is observed that the new fault detection scheme is used for AES implantation. This scheme gives reliable implementation with new architecture of AES for checking sub bytes, inverted sub bytes and the other transformation in the inscription and the decryption process. # III. Advance Encryption Standard Advance encryption standard (AES) is a nonfeistel block cipher that encrypts and decrypts a data block of 128, 192 and 256 bits each data blocks consist of 4×4 array of bytes this array of bytes is called as states. AES is a round-based algorithm. The number of round is 10, 12 or 14. These rounds use key length of 128,192 and 256 bits respectively. The different operations are performed in AES like sub bytes, shift rows, mix columns and add round keys. But in the final round doesn't have the mix column transformation. The separate key scheduling module help to initial key to generate the round key which is used in each round. 1. In this process, each byte is replaced with another based on LUT in non-linear substitution step called as Sub bytes. 2. Each row of the state is shifted cyclically a certain number of steps which happens in the transposition step that operation is called as rows called as Shift rows. # Combining the four bytes in each column by linear transformation during column interchange that is called Mix column operation. 4. The cipher key generates a round key by using the key schedule and the round combines each byte of state. This process is known as Add round key. Fig. 1 shows the general structure of AES which includes the different round transformation that is sub bytes, shift rows and mix columns. For generating key schedule AES algorithm takes the cipher key and performs a key expansion routine. In the decryption process the inverse of corresponding transformation in encryption is performed i.e. Inv_shiftRows, Inv_SubBytes and Inv_MixColumns. # IV. AES Implementation In AES 32-bit implementation, it takes four32bit words for the input data and four 32-bit words for the cipher key. Then it performs the encryption or decryption process and the output data it as four32-bit words. The architecture of AES is composed of six modules: 1. Input interface-It is used to load and store the input blocks for encryption and decryption process. V. Fault Injection Attacks The errors that are introduced during implementation of cryptographic algorithms are called as fault injection attacks. During implementation of AES one or several faults are injected and faulty output is used to obtain information on the secret key stored in secured component. Many authors introduced series of simulation for evaluation of robustness of unprotected AES algorithm against fault injection attacks. After a certain numbers of fault injection those attacks can retrieve the secret key of AES. So it is necessary to protect AES from those fault injection attacks. To protect AES from the faults different techniques are introduced. In the proposed fault detection scheme modified temporal redundancy technique used for the AES round to detect transient single and multiple faults occurring at runtime. So, for this purpose the AES round transformation is broken into two parts and pipeline register inserted in between. In that the first-round operation is checked against errors while second half round is performed and vice versa. Every round is required two clock cycles: the first cycle is to perform normal encryption while second is to realize the re-encryption of the same input and to compare the results. The registers are loaded in each clock cycle to perform the round operation and the fault detection process is shown in table1 In first clock cycle, the plain text is XORed with the initial key, round 0 is processing. In the second clock cycle (k=2, 3) the state message goes through the first half of the first AES round (??1,1). The ??1,1starts with the second clock cycle. In third clock cycle, while the second half round is processing the second half of the # VI. Fault Detection Scheme for AES In related work, it shows that, no. of fault detection schemes against fault injection attacks are based on some sort of redundancy. The redundancies are hardware, temporal, and information redundancy. In case of AES basic temporal redundancy is used it is related to hardware. Fig. 6 is used to perform both the normal encryption and re-encryption using same input. The results are compared and every discrepancy is considered as an error at the end of encryption execution. # Global Journal of Computer Science and Technology Volume XVII Issue II Version I 25 Year 2017 ( ) H first AES round ??2,1, the first half round perform the reencryption of ??1,1 using the same input [1]. The ??1,2of the AES encryption starts at the fourth clock cycle, at the same clock cycle the second half round is reprocessing the second half of the first round ??2,1. The ????1and ????2registers are used to store the output value of each round to be compared with PR and OR registers, respectively. It should be noted that although the encryption is performed at second clock cycle, the result is not used till the third clock cycle where the output of the first half round is available for error checking [1]. Table 1: Sequence of operations for proposed architecture [1]. # VII. Implementation Details of Rounds a) Implementation of first half AES (??1,??) In first half AES round to implement the S-box operation two methods are present, first is using LUT and second is by mathematical equations. LUT method is more suitable. All operations are in infinite Galois field. In first half sub byte and shift row operations are performed. For sub byte /inv_subbyte operation 16 Sbox/inv_S-box are required. The Shift row operation is a circular shifting operation on the rows of state having different no. of bytes. # b) Implementation of second half AES (??2,??) In second half mix column and add round key operations are performed. Mix column operation is performed using following equations [1]. The Add round key is XOR operation that adds round key to the mix column output state and the round keys are generated during key expansion [1]. # VIII. Simulation Results In AES algorithm some operations are performed. For these operations one look up table is used to assign values to the register that look up table is shown in table 2. In AES algorithm, the encryption and decryption operations are performed. Plain text of 128-bit and key also of 128-bit are given as a input. During encryption sub byte, shift rows. mix column and add round key operations are performed. During decryption inv_sub byte, inv_shift row and inv_mixcolumn, operations are performed. The faults are generated randomly during the encryption and decryption process. Flag error in fig. 3 shows the status of fault that is present or not. # Clock cycle (k) Register operation 1 st half round 2 nd half round k = 1 PT Key ---- --- k =2, # IX. Conclusion In communication system information security is most important. AES algorithm, can resist any kinds of password attacks with a strong practicability and reliability. The AES algorithm can be efficiently implemented by using FPGA platform. During implementation of AES some natural and malicious faults are injected. It is necessary to resist those faults for better performance of AES algorithm. In fault detection scheme critical path of the AES round operation is divided into two halves and a pipeline register is inserted in between them and normal encryption and re-encryption operations are performed. Simulation results show the round1, encryption and decryption operations. During encryption and decryption process faults are injected and the flag error shows the status of fault. This scheme can be implemented using Xilinx and Spartan-6 FPGA platform. Compared to some previous works, this method achieves 99.99% fault coverage. In future work text input, can be replaced with audio or video input. 1![Figure 1: General Structure of AES [1]](image-2.png "Figure 1 :") 242![Figure 2: Block diagram of AES 32-bit [1]](image-3.png "2 . 4 .Figure 2 :") 3![Figure3: AES round with fault detection scheme[1] ](image-4.png "Figure 3 :") ![???0,??= (02???0,??) ?(03???1,??)???2,?? ???3,?? ???1,??=??0,?? ? (02???1,??)?(03???2,??)???2,?? ???3,?? ???2,??= ??0,?? ???1,?? ? (02???2,??)?(03???3,??) ???3,??= (03???2,??)???1,?? ???2,?? ? (02???3,??) Considering 03= 02 ? 01 this rule the equations can be re-written as: ???0,??= 02?(??0,?????1,??)???1,?????2,?? ???3,?? ???1,??= ??0,???02?(??1,?????2,??)???2,?? ???3,?? ???2,??= ??0,?????1,???02?(??2,?????3,??)???3,?? ???2,??= ??0,?????1,?????2,??? 02?(??3,?????0,??)](image-5.png "") 4![Figure 4: shows the simulation result of round1 operation.](image-6.png "Figure 4 :") 4![Figure 4: Simulation result of Round1 operation This result shows the round1 operation, in which Sub byte, Shift rows, Mix column and add round key operations are performed. Similarly, all 10 rounds are performed in AES encryption and decryption. Fa1 and Fa2 shows the status of fault in fig.4. If Fa=0, then no fault and if Fa=1, then fault is present. Fig.5 and Fig.6 shows simulation result of encryption and decryption operation.](image-7.png "Figure 4 :") 2Year 201726Volume XVII Issue II Version I( ) HGlobal Journal of Computer Science and Technology © 2017 Global Journals Inc. (US) © 20 7 Global Journa ls Inc. (US) * A high speed AES design resistant to fault injection attacks HassenMestiri BelgacemFatmakahri MohsenBouallegue Machhout Microprocessors and Microsystems journal 2016 Elsevier * Error detecting AES using polynomial residue number systems JChu MBenaissa Microprocessor and Microsystem journal 2012 37 * SLICED: Slide-based concurrent error detection technique for symmetric block ciphers JRajendran HBorad SMantravadi RKarri IEEE International Symposium on Hardware-Oriented Security and Trust 2010 * Concurrent structure independent fault detection schemes for the advanced encryption standard MMozaffari -Kermani AReyhani -Masoleh IEEE Transaction on computers 59 2010 * The AES encryption and decryption realization based on FPGA LLan Seventh International Conference on Computational Intelligence and Security CIS 2011. 2011 * High performance and reliable fault detection scheme for the advanced encryption standard HMestiri NBenhadjyoussef MMachhout RTourki International Rev. on Com. Soft. (IRECOS) 8 3 2013 * AES-512: 512-bit Advanced Encryption Standard algorithm design and evaluation AMoh'd YJararweh LTawalbeh 7th International Conference on Information Assurance and Security IAS 2011. 2011 * An efficient FPGA implementation of the Advanced Encryption Standard algorithm HoangTrang Nguyen Van Loi IEEE Symposium on Industrial Electronics & Applications (ISIEA) 2012 * A Robust fault detection scheme for the advance decryption standard HMestiri NBenhadjyoussef MMachhout RTourki International journal of Computer Network and Information Security(IJCNIS) 2013 * Strengthening hardware AES implementations against fault attacks MJoye PManet JBRigaud Sept, 2007 IET Information Security * Provably Secure Concurrent Error Detection Against Differential Fault Analysis DGuo RMukhopadhyay Karri IACR Cryptology ePrint Archive 2012 * Cryptography and Nework Security WilliamStallings 2003 Pearson Education Third Edition