Cryptology ePrint Archive: Report 2018/1088

High-speed Side-channel-protected Encryption and Authentication in Hardware

Nele Mentens and Vojtech Miskovsky and Martin Novotny and Jo Vliegen

Abstract: This paper describes two FPGA implementations for the encryption and authentication of data, based on the AES algorithm running in Galois/Counter mode (AES-GCM). Both architectures are protected against side-channel analysis attacks through the use of a threshold implementation (TI). The first architecture is fully unrolled and optimized for throughput. The second architecture uses a round-based structure, fits on a relatively small FPGA board, and is evaluated for side-channel attack resistance. We perform a Test Vector Leakage Assessment (TVLA), which shows no first-order leakage in the power consumption of the FPGA. To the best of our knowledge, our work is (1) the first to describe a throughput-optimized FPGA architecture of AES-GCM, protected against first-order side-channel information leakage, and (2) the first to evaluate the side-channel attack resistance of a TI-protected AES-GCM implementation.
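The fixed-vs-random Test Vector Leakage Assessment named in the abstract reduces to a Welch's t-test at every sample point between traces recorded with a fixed input and traces recorded with random inputs; a sample with |t| above 4.5 is flagged as first-order leakage. The following is an added example, not code from the paper, that runs that test on constructed traces rather than FPGA power measurements: a Hamming-weight leakage model of the AES S-box output plus Gaussian noise, once unprotected and once with a two-share Boolean masking of the output as a stand-in for the paper's threshold implementation (a real TI shares the nonlinear S-box computation itself and needs at least three shares; only the leakage of the output shares is modelled here). The key byte 0x2b, the fixed plaintext byte 0x78, the noise level, the trace count and the random seed are all assumptions of the demo.

```python
"""Fixed-vs-random TVLA (Welch's t-test) on constructed traces of an AES
S-box output, with and without first-order Boolean masking."""
import math
import random
from statistics import mean, variance


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def _sbox_calc(x: int) -> int:
    """AES S-box from its definition: GF(2^8) inverse, then the affine map."""
    inv = 0
    if x:
        inv = 1
        for _ in range(254):          # x^254 == x^-1 in GF(2^8)
            inv = gf_mul(inv, x)
    s = inv
    for i in range(1, 5):             # inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4)
        s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
    return s ^ 0x63


SBOX = [_sbox_calc(x) for x in range(256)]   # table built once from the formula


def sbox(x: int) -> int:
    return SBOX[x]


def hw(v: int) -> int:
    return bin(v).count("1")


def leakage_trace(sbox_out: int, masked: bool, rng: random.Random, sigma: float = 1.0):
    """Constructed two-sample 'power trace' (Hamming-weight model + Gaussian noise).
    Sample 0 is a control that depends on nothing secret. Sample 1 leaks the S-box
    output: its Hamming weight when unprotected, or the summed Hamming weights of
    its two Boolean shares (v ^ m, m) when masked. Each share is uniform on its
    own, so the *mean* of sample 1 no longer depends on the secret value."""
    if masked:
        m = rng.randrange(256)
        value = hw(sbox_out ^ m) + hw(m)
    else:
        value = hw(sbox_out)
    return [rng.gauss(0.0, sigma), value + rng.gauss(0.0, sigma)]


def collect(n: int, masked: bool, key: int, fixed_pt: int, seed: int):
    """Two trace sets: fixed plaintext byte vs. uniformly random plaintext byte."""
    rng = random.Random(seed)
    fixed = [leakage_trace(sbox(fixed_pt ^ key), masked, rng) for _ in range(n)]
    rand = [leakage_trace(sbox(rng.randrange(256) ^ key), masked, rng) for _ in range(n)]
    return fixed, rand


def welch_t(set_a, set_b):
    """Per-sample Welch's t-statistic between two trace sets."""
    n_a, n_b, width = len(set_a), len(set_b), len(set_a[0])
    t_vals = []
    for i in range(width):
        col_a = [tr[i] for tr in set_a]
        col_b = [tr[i] for tr in set_b]
        se = math.sqrt(variance(col_a) / n_a + variance(col_b) / n_b)
        t_vals.append((mean(col_a) - mean(col_b)) / se)
    return t_vals


def tvla(set_a, set_b, threshold: float = 4.5):
    """Return (t-values, indices of samples exceeding the usual |t| > 4.5 threshold)."""
    t_vals = welch_t(set_a, set_b)
    leaky = [i for i, t in enumerate(t_vals) if abs(t) > threshold]
    return t_vals, leaky


def run(masked: bool, n: int = 2000, seed: int = 1):
    # Assumed demo constants: key byte 0x2b, fixed plaintext 0x78, so the fixed
    # class always processes sbox(0x53) = 0xed (Hamming weight 6, far from the
    # random class mean of 4); 2000 traces per class; noise sigma 1.0.
    fixed, rand = collect(n, masked, key=0x2B, fixed_pt=0x78, seed=seed)
    return tvla(fixed, rand)


if __name__ == "__main__":
    for masked in (False, True):
        t_vals, leaky = run(masked)
        print("masked" if masked else "unprotected",
              ["%.1f" % t for t in t_vals], "leaky samples:", leaky)
```

With these assumptions the unprotected run flags sample 1 (t around 45) and nothing else, while the masked run stays under the threshold at both samples. Two practitioner caveats carry over to real measurements: the 4.5 threshold is a first-order criterion only, so a passing result says nothing about the second-order leakage that two-share masking still exhibits (the variance of sample 1 does depend on the secret here), and TVLA detects leakage rather than proving its absence, so the trace count and the sample alignment bound how much confidence a "no leakage" result carries.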

Category / Keywords: implementation / AES, Galois/Counter Mode (GCM), FPGA, Threshold Implementation (TI), Test Vector Leakage Assessment (TVLA)

Original Publication (with major differences): 2018 IEEE 3rd International Verification and Security Workshop (IVSW)

Date: received 9 Nov 2018

Contact author: nele mentens at kuleuven be


Version: 20181109:165307

Short URL: ia.cr/2018/1088
