Cryptology ePrint Archive: Report 2020/051

Low-Latency Hardware Masking with Application to AES

Pascal Sasdrich and Begül Bilgin and Michael Hutter and Mark Marson

Abstract: During the past two decades there has been a great deal of research published on masked hardware implementations of AES and other cryptographic primitives. Unfortunately, many hardware masking techniques can lead to increased latency compared to unprotected circuits for algorithms such as AES, due to the high-degree of nonlinear functions in their designs. In this paper, we present a hardware masking technique which does not increase the latency for such algorithms. It is based on the LUT-based Masked Dual-Rail with Pre-charge Logic (LMDPL) technique presented at CHES 2014. First, we show 1-glitch extended strong noninterference of a nonlinear LMDPL gadget under the 1-glitch extended probing model. We then use this knowledge to design an AES implementation which computes a full AES-128 operation in 10 cycles and a full AES-256 operation in 14 cycles. We perform practical side-channel analysis of our implementation using the Test Vector Leakage Assessment (TVLA) methodology and analyze univariate as well as bivariate t-statistics to demonstrate its DPA resistance level

Category / Keywords: implementation / AES, Low-Latency Hardware, LMDPL, Masking, Secure Logic Styles, Differential Power Analysis, TVLA, Embedded Security

Original Publication (in the same form): IACR-CHES-2020

Date: received 16 Jan 2020

Contact author: pascal sasdrich at rub de,bbilgin@rambus com,michael hutter@cryptography com,mark@cryptography com

Available format(s): PDF | BibTeX Citation

Version: 20200117:082941 (All versions of this report)

Short URL: ia.cr/2020/051


[ Cryptology ePrint archive ]