Projekte pro Jahr
Abstract
Cryptographic devices in hostile environments can be vulnerable to physical attacks such as power analysis. Masking is a popular countermeasure against such attacks, which works by splitting every sensitive variable into d + 1 randomized shares. The implementation cost of the masking countermeasure in hardware increases significantly with the masking order d, and protecting designs often results in a large overhead. One of the main drivers of the cost is the required amount of fresh randomness for masking the non-linear parts of a cipher. In the case of AES, first-order designs have been built without the need for any fresh randomness, but state-of-the-art higher-order designs still require a significant number of random bits per encryption. Attempts to reduce the randomness however often result in a considerable latency overhead, which is not favorable in practice. This raises the need for AES designs offering a decent performance tradeoff, which are efficient both in terms of required randomness and latency. In this work, we present a second-order AES design with the minimal number of three shares, requiring only 3 200 random bits per encryption at a latency of 5 cycles per round. Our design represents a significant improvement compared to state-of-the-art designs that require more randomness and/or have a higher latency. The core of the design is an optimized 5-cycle AES S-box which needs 78 bits of fresh randomness. We use this S-box to construct a round-based AES design, for which we present a concept for sharing randomness across the S-boxes based on the changing of the guards (COTG) technique. We assess the security of our design in the probing model using a formal verification tool. Furthermore, we evaluate the practical side-channel resistance on an FPGA.
Originalsprache | englisch |
---|---|
Seiten (von - bis) | 309-335 |
Seitenumfang | 27 |
Fachzeitschrift | IACR Transactions on Cryptographic Hardware and Embedded Systems |
Jahrgang | 2024 |
Ausgabenummer | 1 |
DOIs | |
Publikationsstatus | Veröffentlicht - 4 Dez. 2023 |
ASJC Scopus subject areas
- Software
- Artificial intelligence
- Signalverarbeitung
- Hardware und Architektur
- Computernetzwerke und -kommunikation
- Computergrafik und computergestütztes Design
Fingerprint
Untersuchen Sie die Forschungsthemen von „Smooth Passage with the Guards: Second-Order Hardware Masking of the AES with Low Randomness and Low Latency“. Zusammen bilden sie einen einzigartigen Fingerprint.-
Spezialforschungsbereich (SFB) F85 Semantische und kryptographische Grundlagen von Sicherheit und Datenschutz durch Compositional Design (FWF - SPyCoDe)
1/01/23 → 31/12/26
Projekt: Forschungsprojekt
-
Verlaesslichkeit im Internet der Dinge
Boano, C. A., Kubin, G., Bloem, R., Horn, M., Pernkopf, F., Zakany, N., Mangard, S., Witrisal, K., Römer, K. U., Aichernig, B., Bösch, W., Baunach, M. C., Tappler, M., Malenko, M., Weiser, S., Eichlseder, M., Leitinger, E., Grosinger, J., Großwindhager, B., Ebrahimi, M., Alothman Alterkawi, A. B., Knoll, C., Teschl, R., Saukh, O., Rath, M., Steinberger, M., Steinbauer-Wagner, G. & Tranninger, M.
1/01/16 → 31/03/22
Projekt: Forschungsprojekt