Paper 2016/631

Masking AES with d+1 Shares in Hardware

Thomas De Cnudde, Oscar Reparaz, Begül Bilgin, Svetla Nikova, Ventzislav Nikov, and Vincent Rijmen


Masking requires splitting sensitive variables into at least d + 1 shares to provide security against DPA attacks at order d. To this date, this minimal number has only been deployed in software implementations of cryptographic algorithms and in the linear parts of their hardware counterparts. So far there is no hardware construction that achieves this lower bound if the function is nonlinear and the underlying logic gates can glitch. In this paper, we give practical implementations of the AES using d + 1 shares aiming at first- and second-order security even in the presence of glitches. To achieve this, we follow the conditions presented by Reparaz et al. at CRYPTO 2015 to allow hardware masking schemes, like Threshold Implementations, to provide theoretical higher-order security with d + 1 shares. The decrease in number of shares has a direct impact in the area requirements: our second-order DPA resistant core is the smallest in area so far, and its S-box is 50% smaller than the current smallest Threshold Implementation of the AES S-box with similar security and attacker model. We assess the security of our masked cores by practical side-channel evaluations. The security guarantees are met with 100 million traces.

Available format(s)
Publication info
Published by the IACR in CHES 2016
AESDPAMaskingThreshold Implementation
Contact author(s)
thomas decnudde @ esat kuleuven be
2016-06-24: last of 2 revisions
2016-06-17: received
See all versions
Short URL
Creative Commons Attribution


      author = {Thomas De Cnudde and Oscar Reparaz and Begül Bilgin and Svetla Nikova and Ventzislav Nikov and Vincent Rijmen},
      title = {Masking AES with d+1 Shares in Hardware},
      howpublished = {Cryptology ePrint Archive, Paper 2016/631},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.