Paper 2005/087

AES side channel attack protection using random isomorphisms

Rostovtsev A.G. and Shemyakina O.V.

Abstract

General method of side-channel attacks protection, based on random cipher isomorphisms is presented. Isomorphic ciphers produce common outputs for common inputs. Cipher isomorphisms can be changed independently on transmitting and receiving sides. Two methods of RIJNDAEL protection are considered. The first one is based on random commutative isomorphisms of underlying structure. The set of field F256 isomorphisms consists of 30 subsets; each of them has 8 commutative elements presented as Galois group elements. This allows increasing the strength with respect to side channel attacks about 32 times, the encryption ratio decreases slightly. This method has relatively small efficiency. The second method is based on cipher byte affine isomorphisms s(x)= Lx+a, and allows in practice eliminate side-channel attacks. The rate of this method is approximately the same as in previous case. The most convenient affine isomorphisms are involutions. Method of such affine isomorphisms generation is presented.

Note: Isomorphic ciphers produce common output for common input but in general use different methods. If adversary knows first round input and output but does not know masked method, he cannot find round key. Universal approach for cipher protection is presented.