Cryptology ePrint Archive: Report 2017/395

Higher-Order Side-Channel Protected Implementations of Keccak

Hannes Gross and David Schaffenrath and Stefan Mangard

Abstract: The efficient protection of security critical devices against side-channel analysis attacks is a fundamental need in the age of Internet of Things and ubiquitous computing. In this work, we introduce a configurable hardware design of Keccak (SHA-3) which can be tailored to fulfill the needs of a wide range of different applications. Our Keccak design is therefore equipped with generic side-channel protection capabilities. The design can thus be synthesized for any desired protection level by just changing one design parameter. Regardless of its generic appearance, the introduced Keccak design yields the smallest (15.7 kGE) firstorder protected Keccak implementation published to this date. Furthermore, it is to the best of our knowledge the first higher-order side-channel resistant implementation of Keccak. In total, we state results for four different Keccak variants up to the ninth protection order.

Category / Keywords: implementation / Keccak, SHA-3, masking, domain-oriented masking, threshold implementations, DPA

Date: received 8 May 2017, last revised 8 May 2017

Contact author: hannes gross at iaik tugraz at

Available format(s): PDF | BibTeX Citation

Version: 20170509:121630 (All versions of this report)

Short URL: ia.cr/2017/395

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]