Open Access Journal Article
A More Efficient AES Threshold Implementation
V. Neelima, M. Sanjay
TLDR
A very compact hardware implementation of AES-128 that requires only 2400 GE, which is, to the best of the authors' knowledge, the smallest implementation reported so far, and that improves the level of resistance against first-order side-channel attacks.
Abstract:
Our contribution is twofold: first, we describe a very compact hardware implementation of AES-128, which requires only 2400 GE. This is, to the best of our knowledge, the smallest implementation reported so far. Then we apply the threshold countermeasure by Nikova et al. to the AES S-box and yield an implementation of the AES improving the level of resistance against first-order side-channel attacks. Our experimental results on real-world power traces show that although our implementation provides additional security, it is still susceptible to some sophisticated attacks given a sufficient number of measurements.
Citations
Book Chapter
Consolidating Masking Schemes
TL;DR: It is shown that the Ishai–Sahai–Wagner private circuits construction is closely related to Threshold Implementations and the Trichina gate.
Proceedings Article
Domain-Oriented Masking: Compact Masked Hardware Implementations with Arbitrary Protection Order
TL;DR: This talk demonstrates how the costs for protecting digital circuits against passive physical attacks can be lowered significantly and introduces a novel masking approach called domain-oriented masking (DOM), which provides the same level of security as threshold implementations (TI), while it requires less chip area and less randomness.
Posted Content
State of the Art in Lightweight Symmetric Cryptography
Alex Biryukov, Léo Perrin
TL;DR: The different implementation constraints that a “lightweight” algorithm is usually designed to satisfy in both the software and the hardware case are discussed and a clearer distinction between two subsets of lightweight cryptography is suggested.
Book Chapter
An Efficient Side-Channel Protected AES Implementation with Arbitrary Protection Order
TL;DR: This work revisits the private circuits scheme of Ishai et al.
Posted Content
Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model.
Gilles Barthe, François Dupressoir, Sebastian Faust, Benjamin Grégoire, François-Xavier Standaert, Pierre-Yves Strub
TL;DR: In this article, the authors provide a necessary clarification of the good security properties that can be obtained from parallel implementations of masking schemes and prove that probing security for a serial implementation implies bounded moment security for its parallel counterpart.
References
Book Chapter
Does Coupling Affect the Security of Masked Implementations
Thomas De Cnudde, Begül Bilgin, Benedikt Gierlichs, Ventzislav Nikov, Svetla Nikova, Vincent Rijmen
TL;DR: In this paper, the effect of the physical placement on the security using leakage assessment on power measurements collected from an FPGA was investigated, where threshold implementations were used as masking scheme in conjunction with a high-entropy pseudorandom number generator.