Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Serpent: A New Block Cipher Proposal
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
A Fast New DES Implementation in Software
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
AES Power Attack Based on Induced Cache Miss and Countermeasure
ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I - Volume 01
A refined look at Bernstein's AES side-channel analysis
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Side channel cryptanalysis of product ciphers
Journal of Computer Security
On the Power of Bitslice Implementation on Intel Core2 Processor
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
New AES Software Speed Records
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Advances on access-driven cache attacks on AES
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
A fast and cache-timing resistant implementation of the AES
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Cache-collision timing attacks against AES
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Cache attacks and countermeasures: the case of AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
How far can we go on the x64 processors?
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
The security and performance of the galois/counter mode (GCM) of operation
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Accelerating AES with Vector Permute Instructions
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Implementing virtual secure circuit using a custom-instruction approach
CASES '10 Proceedings of the 2010 international conference on Compilers, architectures and synthesis for embedded systems
Cryptography for network security: failures, successes and challenges
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Consecutive S-box lookups: a timing attack on SNOW 3G
ICICS'10 Proceedings of the 12th international conference on Information and communications security
SSLShader: cheap SSL acceleration with commodity processors
Proceedings of the 8th USENIX conference on Networked systems design and implementation
The software performance of authenticated-encryption modes
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Really fast syndrome-based hashing
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
A new variant of PMAC: beyond the birthday bound
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
A new combinational logic minimization technique with applications to cryptology
SEA'10 Proceedings of the 9th international conference on Experimental Algorithms
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Secure and fast implementations of two involution ciphers
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Improving the performance of the SYND stream cipher
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Automatic quantification of cache side-channels
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
The security impact of a new cryptographic library
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Lightweight cryptography for the cloud: exploit the power of bitslice implementation
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Formal verification of side-channel countermeasures using self-composition
Science of Computer Programming
Proceedings of the 2013 International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools
CacheAudit: a tool for the static analysis of cache side channels
SEC'13 Proceedings of the 22nd USENIX conference on Security
| Hi-index | 0.00 |
We present a bitsliced implementation of AES encryption in counter mode for 64-bit Intel processors. Running at 7.59 cycles/byte on a Core 2, it is up to 25% faster than previous implementations, while simultaneously offering protection against timing attacks. In particular, it is the only cache-timing-attack resistant implementation offering competitive speeds for stream as well as for packet encryption: for 576-byte packets, we improve performance over previous bitsliced implementations by more than a factor of 2. We also report more than 30% improved speeds for lookup-table based Galois/Counter mode authentication, achieving 10.68 cycles/byte for authenticated encryption. Furthermore, we present the first constant-time implementation of AES-GCM that has a reasonable speed of 21.99 cycles/byte, thus offering a full suite of timing-analysis resistant software for authenticated encryption.