Paper 2017/632

Generalized Polynomial Decomposition for S-boxes with Application to Side-Channel Countermeasures

Dahmun Goudarzi, Matthieu Rivain, Damien Vergnaud, and Srinivas Vivek

Abstract

Masking is a widespread countermeasure to protect implementations of block ciphers against side-channel attacks. Several masking schemes proposed in the literature rely on an efficient decomposition of the underlying s-box(es). We propose a generalized decomposition method for s-boxes that encompasses several previously proposed methods while providing new trade-offs. It allows evaluating $n\lambda$-bit to $m\lambda$-bit s-boxes for any integers $n,m,\lambda \geq 1$ by seeing the s-box as a sequence of $m$ $n$-variate polynomials over $\mathbb{F}_{2^\lambda}$ and by trying to minimize the number of multiplications over $\mathbb{F}_{2^\lambda}$.
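The abstract's view of an s-box as polynomials over $\mathbb{F}_{2^\lambda}$ is concrete enough to work through in code. The following is an added example, not code from the paper or its authors: it takes the $n = 1$, $\lambda = 4$ case, recovers the unique univariate polynomial over $\mathbb{F}_{2^4}$ that agrees with a 4-bit s-box by Lagrange interpolation, splits an $m\lambda$-bit output into $m$ coordinate polynomials, and counts the field multiplications a plain Horner evaluation needs. That Horner count is the baseline that decomposition methods try to beat; the field representation (modulus $x^4 + x + 1$), the use of the 4-bit PRESENT s-box as sample data, and the helper names are all choices made for this example.

```python
"""Represent a 4-bit s-box as a univariate polynomial over F_{2^4}.

Added example (not from the paper): the n = m = 1, lambda = 4 case of the
abstract's view of an n*lambda-bit to m*lambda-bit s-box as m n-variate
polynomials over F_{2^lambda}. The polynomial is found by Lagrange
interpolation over all 16 field elements; the multiplication count of a
plain Horner evaluation is the baseline such decompositions try to reduce.
"""

# F_{2^4} = F_2[x]/(x^4 + x + 1), elements stored as 4-bit integers (assumed field model).
MODULUS = 0x13
LAMBDA = 4
FIELD_SIZE = 1 << LAMBDA

# Sample input: the 4-bit PRESENT s-box, used here only as data to interpolate.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of F_{2^4}: carry-less multiply, reduce mod MODULUS."""
    r = 0
    for _ in range(LAMBDA):
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & FIELD_SIZE:
            a ^= MODULUS
    return r


def gf_inv(a: int) -> int:
    """Inverse as a^(2^lambda - 2): every nonzero a satisfies a^(2^lambda - 1) = 1."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in the field")
    result, base, e = 1, a, FIELD_SIZE - 2
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result


def poly_mul(p, q):
    """Product of two polynomials over F_{2^4}, coefficients listed low degree first."""
    r = [0] * (len(p) + len(q) - 1)
    for i, pi in enumerate(p):
        for j, qj in enumerate(q):
            r[i + j] ^= gf_mul(pi, qj)
    return r


def interpolate(table):
    """Lagrange interpolation: coefficients (low degree first) of the unique
    polynomial P of degree < 2^lambda with P(x) = table[x] for all x in F_{2^4}."""
    coeffs = [0] * FIELD_SIZE
    for xi in range(FIELD_SIZE):
        if table[xi] == 0:
            continue  # the basis polynomial L_i is weighted by y_i = 0
        # L_i(x) = prod_{j != i} (x + x_j) / (x_i + x_j); subtraction is XOR in char 2.
        num, den = [1], 1
        for xj in range(FIELD_SIZE):
            if xj != xi:
                num = poly_mul(num, [xj, 1])
                den = gf_mul(den, xi ^ xj)
        scale = gf_mul(table[xi], gf_inv(den))
        for k, c in enumerate(num):
            coeffs[k] ^= gf_mul(c, scale)
    while len(coeffs) > 1 and coeffs[-1] == 0:
        coeffs.pop()  # drop leading zeros so len(coeffs) - 1 is the true degree
    return coeffs


def decompose_outputs(table, m):
    """Split a lambda-bit to m*lambda-bit table into m lambda-bit coordinate tables
    and interpolate each: the abstract's 'sequence of m polynomials' for n = 1."""
    mask = FIELD_SIZE - 1
    return [interpolate([(y >> (LAMBDA * k)) & mask for y in table]) for k in range(m)]


def horner_eval(coeffs, x):
    """Evaluate P(x) by Horner's rule and return (value, field multiplications used).
    Each step is a multiplication of two variable field elements, which is the
    costly operation under masking; multiplications by constants and squarings
    are F_2-linear and are not what the decomposition metric counts."""
    acc = coeffs[-1]
    for c in reversed(coeffs[:-1]):
        acc = gf_mul(acc, x) ^ c
    return acc, len(coeffs) - 1


if __name__ == "__main__":
    poly = interpolate(SBOX)
    print("degree of the PRESENT s-box polynomial over F_16:", len(poly) - 1)
    for x in range(FIELD_SIZE):
        value, mults = horner_eval(poly, x)
        assert value == SBOX[x]
    print("Horner evaluation uses", len(poly) - 1, "field multiplications per lookup")
```

Running it prints the degree of the interpolated polynomial and the number of field multiplications a naive Horner evaluation spends per s-box lookup; that number is the cost a masked implementation pays without any decomposition, so it is the figure that a scheme which rewrites the polynomial into fewer multiplications improves on. Because the table is a permutation, the $x^{15}$ coefficient (the XOR of all outputs) vanishes, so the degree is at most 14.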

Metadata
Available format(s)
PDF
Publication info
Published by the IACR in CHES 2017
Keywords
s-box decomposition, side-channel countermeasure, masking, software implementation, block cipher
Contact author(s)
dahmun goudarzi @ cryptoexperts com
matthieu rivain @ gmail com
damien vergnaud @ ens fr
sv venkatesh @ bristol ac uk
History
2017-06-27: received
Short URL
https://ia.cr/2017/632
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/632,
      author = {Dahmun Goudarzi and Matthieu Rivain and Damien Vergnaud and Srinivas Vivek},
      title = {Generalized Polynomial Decomposition for S-boxes with Application to Side-Channel Countermeasures},
      howpublished = {Cryptology ePrint Archive, Paper 2017/632},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/632}},
      url = {https://eprint.iacr.org/2017/632}
}