Paper 2015/727

DPA, Bitslicing and Masking at 1 GHz

Josep Balasch, Benedikt Gierlichs, Oscar Reparaz, and Ingrid Verbauwhede


We present DPA attacks on an ARM Cortex-A8 processor running at 1 GHz. This high-end processor is typically found in portable devices such as phones and tablets. In our case, the processor sits in a single board computer and runs a full-fledged Linux operating system. The targeted AES implementation is bitsliced and runs in constant time and constant flow. We show that, despite the complex hardware and software, high clock frequencies and practical measurement issues, the implementation can be broken with DPA starting from a few thousand measurements of the electromagnetic emanation of a decoupling capacitor near the processor. To harden the bitsliced implementation against DPA attacks, we mask it using principles of hardware gate-level masking. We evaluate the security of our masked implementation against first-order and second-order attacks. Our experiments show that successful attacks require roughly two orders of magnitude more measurements.

Available format(s)
Publication info
A minor revision of an IACR publication in CHES 2015
side-channel analysisDPAARM Cortex-A8bitslicinggate-level masking
Contact author(s)
josep balasch @ esat kuleuven be
2015-07-21: received
Short URL
Creative Commons Attribution


      author = {Josep Balasch and Benedikt Gierlichs and Oscar Reparaz and Ingrid Verbauwhede},
      title = {DPA, Bitslicing and Masking at 1 GHz},
      howpublished = {Cryptology ePrint Archive, Paper 2015/727},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.