Towards Sound Approaches to Counteract Power-Analysis Attacks
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Securing the AES Finalists Against Power Analysis Attacks
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Using Second-Order Power Analysis to Attack DPA Resistant Software
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Efficient Rijndael Encryption Implementation with Composite Field Arithmetic
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
An Implementation of DES and AES, Secure against Some Attacks
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Multiplicative Masking and Power Analysis of AES
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Simplified Adaptive Multiplicative Masking for AES
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
First-Order Side-Channel Attacks on the Permutation Tables Countermeasure
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
A generic method for secure Sbox implementation
WISA'07 Proceedings of the 8th international conference on Information security applications
Provably secure masking of AES
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
A side-channel analysis resistant description of the AES s-box
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Secure and efficient AES software implementation for smart cards
WISA'04 Proceedings of the 5th international conference on Information Security Applications
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
An efficient masking scheme for AES software implementations
WISA'05 Proceedings of the 6th international conference on Information Security Applications
An algebraic masking method to protect AES against power attacks
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Montgomery's trick and fast implementation of masked AES
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Thwarting higher-order side channel analysis with additive and multiplicative maskings
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
How far should theory be from practice?: evaluation of a countermeasure
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Secure multiple SBoxes implementation with arithmetically masked input
CARDIS'12 Proceedings of the 11th international conference on Smart Card Research and Advanced Applications
AES side-channel countermeasure using random tower field constructions
Designs, Codes and Cryptography
Side Channel Analysis (SCA) is a powerful key recovery attack that efficiently breaks block cipher implementations. In software, it is usually counteracted by applying a technique called masking, which combines the key-dependent variables with random values. When the block cipher to protect mixes affine functions and power functions, a natural strategy is to additively mask the first category of functions and to multiplicatively mask the second one. Several works that follow this strategy have been proposed in the literature, but all of them have been proved to be flawed or very costly. The main difficulty comes from the multiplicative masking of the zero value in a finite field. In this paper, we propose a scheme to multiplicatively mask power functions in such a way that the security against first-order SCA is maintained. We moreover show how to securely combine additive masking of affine transformations with multiplicative masking of power functions. We then apply our method to protect the AES implementation and we show that our proposal offers good timing/memory performance.