Paper 2013/067

Power Analysis of Hardware Implementations Protected with Secret Sharing

Guido Bertoni, Joan Daemen, Nicolas Debande, Thanh-Ha Le, Michael Peeters, and Gilles Van Assche


We analyze the security of three-share hardware implementations against differential power analysis and advanced variants such as mutual information analysis. We present dedicated distinguishers that allow to recover secret key bits from any cryptographic primitive that is implemented as a sequence of quadratic functions. Starting from the analytical treatment of such distinguishers and information-theoretic arguments, we derive the success probability and required number of traces in the presence of algorithmic noise. We show that attacks on three-share hardware implementation require a number of traces that scales in the third power of the algorithmic noise variance. Finally, we apply and test our model on Keccak in a keyed mode.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. Extended version of paper presented at Workshop on Hardware and Architectural Support for Security and Privacy (HASP) in Vancouver, BC, Canada, December 2, 2012
power analysisquadratic functionsmutual information analysisKeccak
Contact author(s)
joan daemen @ st com
2013-02-20: received
Short URL
Creative Commons Attribution


      author = {Guido Bertoni and Joan Daemen and Nicolas Debande and Thanh-Ha Le and Michael Peeters and Gilles Van Assche},
      title = {Power Analysis of Hardware Implementations Protected with Secret Sharing},
      howpublished = {Cryptology ePrint Archive, Paper 2013/067},
      year = {2013},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.