Cryptology ePrint Archive: Report 2002/091
Multiplicative Masking and Power Analysis of AES
Jovan Dj. Golić
Abstract: The recently proposed multiplicative masking countermeasure against power
analysis attacks on AES is interesting as it does not require the costly recomputation
and RAM storage of S-boxes for every run of AES. This is important for applications
where the available space is very limited, such as smart card applications.
Unfortunately, it is shown here that this method is in fact inherently vulnerable
to differential power analysis.
Other possible random masking methods are also discussed.
Category / Keywords: secret-key cryptography / AES, differential power analysis, countermeasures, multiplicative masking
Publication Info: Presented at (internal) Gemplus Quarterly meeting, La Ciotat, France, October 30-31, 2001.
Date: received 8 Jul 2002
Contact author: jovan golic at gemplus com
Version: 20020708:211750
Short URL: ia.cr/2002/091