Substitution functions (S-boxes) play an important role in the security of AES-like cryptosystems, but the cryptosystems are highly vulnerable against fault injection attacks. Some research has been carried out previously to prevent fault injection attacks on AES, but most of the countermeasures are restricted to the detection of faults only, and they only work at the cost of large hardware needed for duplicating the S-boxes. In this paper, we present a design construction of fault-resilient S-boxes for AES-like block ciphers by fault detection and correction. The random evolution of cellular automata with linear and nonlinear neighborhood functions is exploited to design these S-boxes. The proposed design guarantees 100% coverage of single-byte fault correction and double-byte fault detection in the S-boxes. The FPGA implementation shows that our design makes the substitution boxes fault-resilient with 21.34% extra hardware compared to the AES substitution layer.

替代功能（S-box）在类AES密码系统的安全性中起着重要作用，但是该密码系统极易受到故障注入攻击的攻击。先前已经进行了一些研究来防止对AES的故障注入攻击，但是大多数对策仅限于检测故障，并且它们仅以复制S盒所需的大型硬件为代价来工作。在本文中，我们通过故障检测和纠正提出了一种针对AES类分组密码的故障弹性S盒的设计构造。利用线性和非线性邻域函数的元胞自动机的随机演化来设计这些S盒。拟议的设计保证100 ％S盒中有关单字节故障纠正和双字节故障检测的内容。FPGA实现表明，与AES替代层相比，我们的设计使替代盒具有21.34 ％的额外硬件故障容错能力。