PICARO: a block cipher allowing efficient higher-order side-channel resistance

Authors:
Gilles Piret;Thomas Roche;Claude Carlet
Affiliations:
Oberthur Technologies, Nanterre, France;ANSSI, Paris 07, SP, France;LAGA, Universities of Paris 8 and Paris 13, CNRS, Saint-Denis Cedex, France
Venue:
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Year:
2012

Citing 28
Cited 2

Differentially uniform mappings for cryptography

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Linear cryptanalysis method for DES cipher

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
New types of cryptanalytic attacks using related keys

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
On Weaknesses of Non–surjective Round Functions

Designs, Codes and Cryptography - Special issue: selected areas in cryptography I
The Design of Rijndael

The Design of Rijndael
On Propagation Characteristics of Resilient Functions

SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
Towards Sound Approaches to Counteract Power-Analysis Attacks

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of DES-like Cryptosystems

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Key-Schedule Cryptoanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Slide Attacks

FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
DES and Differential Power Analysis (The "Duplication" Method)

CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Mutual Information Analysis

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Markov ciphers and differential cryptanalysis

EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Perfect nonlinear S-boxes

EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Advanced slide attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Analysis and improvement of the random delay countermeasure of CHES 2009

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Provably secure higher-order masking of AES

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches

Journal of Cryptology - Special Issue on Hardware and Security
Relating three nonlinearity parameters of vectorial functions and building APN functions from bent functions

Designs, Codes and Cryptography
Higher-order glitches free implementation of the AES using secure multi-party computation protocols

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
A fast and provably secure higher-order masking of AES S-box

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Thwarting higher-order side channel analysis with additive and multiplicative maskings

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Provably secure masking of AES

SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
New improvements of davies-murphy cryptanalysis

ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
A side-channel analysis resistant description of the AES s-box

FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Higher order masking of the AES

CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
On feistel structures using a diffusion switching mechanism

FSE'06 Proceedings of the 13th international conference on Fast Software Encryption

S-box construction from non-permutation power functions

Proceedings of the 6th International Conference on Security of Information and Networks
Block ciphers that are easier to mask: how far can we go?

CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Many papers deal with the problem of constructing an efficient masking scheme for existing block ciphers. We take the reverse approach: that is, given a proven masking scheme (Rivain and Prouff, CHES 2010) we design a block cipher that fits well the masking constraints. The difficulty of implementing efficient masking for a block cipher comes mainly from the S-boxes. Therefore the choice of an adequate S-box is the first and most critical step of our work. The S-box we selected is non-bijective; we discuss the resulting design and security problems. A complete design of the cipher is given, as well as some implementation results.