Book Chapter
A First-Order SCA Resistant AES Without Fresh Randomness
Felix Wegener, Amir Moradi +1 more
pp. 245-262
TL;DR: This work presents a new construction based on Threshold Implementations and Changing of the Guards to realize a first-order secure AES with zero per-round randomness, thereby enhancing security and reducing the overhead.
Abstract: Since the advent of Differential Power Analysis (DPA) in the late 1990s, protecting embedded devices against Side-Channel Analysis (SCA) attacks has been a major research effort. Even though many different first-order secure masking schemes are available today, when applied to the AES S-box they all require fresh random bits in every evaluation. As the quality criteria for generating random numbers on an embedded device are not well understood, an integrated Random Number Generator (RNG) can be the weak spot of any protected implementation and may invalidate an otherwise secure implementation. We present a new construction based on Threshold Implementations and Changing of the Guards to realize a first-order secure AES with zero per-round randomness. Hence, our design does not need a built-in RNG, thereby enhancing security and reducing the overhead.
Citations
Posted Content
Real-World Snapshots vs. Theory: Questioning the t-Probing Security Model
TL;DR: A novel laser-assisted SCA technique is presented, called Laser Logic State Imaging (LLSI), which offers an unlimited number of contactless probes, and therefore, violates the probing security model assumption.
Posted Content
SoK: Design Tools for Side-Channel-Aware Implementations.
TL;DR: This SoK classifies approaches to automated leakage detection based on the model's source of truth along two main parameters: whether the model includes measurements from a concrete device, and the abstraction level of the device specification used for constructing the model.
Proceedings Article
First-Order Masking with Only Two Random Bits
TL;DR: It is demonstrated that first-order masking can in theory always be performed by just using two fresh random bits and without requiring online randomness, and the gap between theory and practice and the need for more accurate adversary models is discussed.
Journal Article
TI-PUF: Toward Side-Channel Resistant Physical Unclonable Functions
Anita Aghaie, Amir Moradi +1 more
TL;DR: This paper makes it possible to apply a provably-secure masking countermeasure – Threshold Implementation (TI) – on a strong PUF design and demonstrates the ability of the construction to prevent the recovery of intermediate values through SCA measurements.
Journal Article
Spin Me Right Round: Rotational Symmetry for FPGA-Specific AES (Extended Version)
TL;DR: This paper demonstrates a representation of the AES S-box exploiting rotational symmetry which leads to a 50% reduction in the area footprint on FPGA devices and introduces the smallest first-order masked AES implementation on Xilinx FPGAs, to date.
References
Book Chapter
Differential Power Analysis
TL;DR: In this paper, the authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper-resistant devices, and discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Book Chapter
PRESENT: An Ultra-Lightweight Block Cipher
Andrey Bogdanov, Lars R. Knudsen, Gregor Leander, Christof Paar, Axel Poschmann, Matthew Robshaw, Yannick Seurin, C. Vikkelsoe +7 more
TL;DR: This paper presents an ultra-lightweight block cipher, PRESENT, which is competitive with today's leading compact stream ciphers and suitable for extremely constrained environments such as RFID tags and sensor networks.
Book Chapter
Private Circuits: Securing Hardware against Probing Attacks
TL;DR: This paper proposes several efficient techniques for building private circuits resisting side channel attacks, and provides a formal threat model and proofs of security for their constructions.
Book Chapter
A Very Compact S-box for AES
TL;DR: This work refines the most compact implementations of AES by examining many choices of basis for each subfield, not only polynomial bases as in previous work, but also normal bases, giving 432 cases to achieve a more compact S-box.
Journal Article
Threshold implementations against side-channel attacks and glitches
TL;DR: Masking techniques are employed to counter side-channel attacks that rely on multiple measurements of the same operation on different data, but conventional masking is not effective in the presence of glitches; this article introduces threshold implementations to address that gap.