Cryptology ePrint Archive: Report 2016/434
A Tale of Two Shares: Why Two-Share Threshold Implementation Seems Worthwhile-and Why it is Not
Cong Chen and Mohammad Farmani and Thomas Eisenbarth
Abstract: In this work, we explore the possibilities for practical Threshold Implementation (TI) with only two shares in order for a smaller design that needs less randomness but is still first-order leakage resistant.
We present the first two-share Threshold Implementations of two lightweight block ciphers---Simon and Present. The implementation results show that two-share TI gains in compactness while loses in throughput compared with three-share schemes. Moreover, the leakage analyses show that two-share TI retains perfect first-order resistance but is shadowed by a strong second-order leakage, making it less worthwhile.
Category / Keywords: implementation / Threshold Implementation, Paired t-test, Lightweight Cryptography, FPGA
Date: received 2 May 2016
Contact author: teisenbarth at wpi edu
Available format(s): PDF | BibTeX Citation
Version: 20160504:093220 (All versions of this report)
Short URL: ia.cr/2016/434
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]