This paper proposes an efficient and secure higher-order masking algorithm for the AES S-box, the operation that consumes the most computation time in higher-order masked AES. During the past few years, much research has focused on finding higher-order masking schemes for the AES S-box, but these are still slow for use on embedded processors. Our proposed higher-order masking of the AES S-box is built on the inversion operation over the composite field. We replace the subfield operations of the composite field with table lookups; the precomputed tables do not require much ROM space because the operations are over GF(2^4). Our implementation results show that the higher-order masking scheme using our masked S-box is about 2.54 (second-order masking) and 3.03 (third-order masking) times faster than the fastest method among the existing higher-order masking schemes of AES.
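The arithmetic structure the abstract relies on, inversion in the composite field GF((2^4)^2) built from small GF(2^4) lookup tables, can be shown without any masking. The following is an added example, not code from the paper: it is unmasked, and the GF(2^4) polynomial, the constant `LAM`, the root `BETA` and all function names are assumptions chosen here (found by search), not the paper's parameters.

```python
# Added example: unmasked AES S-box via inversion in GF((2^4)^2).
# Assumed parameters: GF(2^4) mod x^4+x+1; LAM and BETA are found by search.
def mul4(a, b):
    r = 0
    for _ in range(4):
        if b & 1:
            r ^= a
        a, b = a << 1, b >> 1
        if a & 0x10:
            a ^= 0x13
    return r

MUL = [[mul4(a, b) for b in range(16)] for a in range(16)]   # 16x16 nibbles
INV = [0] + [MUL[a].index(1) for a in range(1, 16)]          # 16 nibbles
# LAM makes Y^2 + Y + LAM irreducible over GF(2^4): no t with t^2 + t = LAM.
LAM = next(l for l in range(1, 16) if all(MUL[t][t] ^ t ^ l for t in range(16)))

def cmul(a, b):
    """Multiply a = ah*Y + al and b = bh*Y + bl, reducing with Y^2 = Y + LAM."""
    ah, al, bh, bl = a >> 4, a & 15, b >> 4, b & 15
    hh = MUL[ah][bh]
    return ((hh ^ MUL[ah][bl] ^ MUL[al][bh]) << 4) | (MUL[hh][LAM] ^ MUL[al][bl])

def cinv(a):
    """Invert via the norm d = ah^2*LAM + ah*al + al^2, which lies in GF(2^4)."""
    ah, al = a >> 4, a & 15
    d = INV[MUL[MUL[ah][ah]][LAM] ^ MUL[ah][al] ^ MUL[al][al]]
    return (MUL[ah][d] << 4) | MUL[ah ^ al][d]

def cpow(a, n):
    return 1 if n == 0 else cmul(a, cpow(a, n - 1))

# BETA: a root of the AES polynomial x^8+x^4+x^3+x+1 in the composite field.
BETA = next(b for b in range(2, 256)
            if cpow(b, 8) ^ cpow(b, 4) ^ cpow(b, 3) ^ b ^ 1 == 0)
POW = [cpow(BETA, i) for i in range(8)]
TO = [0] * 256                   # AES byte -> composite element (GF(2)-linear)
for x in range(1, 256):          # peel off the lowest set bit of x
    low = x & -x
    TO[x] = TO[x ^ low] ^ POW[low.bit_length() - 1]
FROM = [TO.index(y) for y in range(256)]                     # and back

def sbox(x):
    """AES S-box: basis change, composite inversion, basis change, affine map."""
    y, s = FROM[cinv(TO[x])], 0x63
    for k in range(5):
        s ^= ((y << k) | (y >> (8 - k))) & 0xFF
    return s
```

Every field operation inside `cinv` is a lookup in a table indexed by 4-bit values, which is why the tables stay small; a masked implementation would additionally have to perform these lookups on shares rather than on the secret-dependent value.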