Cryptology ePrint Archive: Report 2018/949

Constructing TI-Friendly Substitution Boxes using Shift-Invariant Permutations

Si Gao and Arnab Roy and and Elisabeth Oswald

Abstract: The threat posed by side channels requires ciphers that can be efficiently protected in both software and hardware against such attacks. In this paper, we proposed a novel Sbox construction based on iterations of shift-invariant quadratic permutations and linear diffusions. Owing to the selected quadratic permutations, all of our Sboxes enable uniform 3-share threshold implementations, which provide first order SCA protections without any fresh randomness. More importantly, because of the "shift-invariant" property, there are ample implementation trade-offs available, in software as well as hardware. We provide implementation results (software and hardware) for a four-bit and an eight-bit Sbox, which confirm that our constructions are competitive and can be easily adapted to various platforms as claimed. We have successfully verified their resistance to first order attacks based on real acquisitions. Because there are very few studies focusing on software-based threshold implementations, our software implementations might be of independent interest in this regard.

Category / Keywords: Shift-invariant, Threshold implementation, Sbox

Original Publication (with major differences): CT-RSA 2019

Date: received 5 Oct 2018, last revised 15 Feb 2019

Contact author: si gao at bristol ac uk

Available format(s): PDF | BibTeX Citation

Note: Fixing incorrect data in Table 1, 28 contains 4 linear permutations.

Version: 20190215:112416 (All versions of this report)

Short URL: ia.cr/2018/949