Cryptology ePrint Archive: Report 2021/1425

Improving First-Order Threshold Implementations of SKINNY

Andrea Caforio and Daniel Collins and Ognjen Glamocanin and Subhadeep Banik

Abstract: Threshold Implementations have become a popular generic technique to construct circuits resilient against power analysis attacks. In this paper, we look to devise efficient threshold circuits for the lightweight block cipher family SKINNY. The only threshold circuits for this family are those proposed by its designers, who decomposed the 8-bit S-box into four quadratic S-boxes and constructed a 3-share byte-serial threshold circuit that executes the substitution layer over four cycles. In particular, we revisit the algebraic structure of the S-box and prove that it is possible to decompose it into (a) three quadratic S-boxes and (b) two cubic S-boxes. Such decompositions allow us to construct threshold circuits that require three shares and execute each round function in three cycles instead of four, and similarly circuits that use four shares requiring two cycles per round. Our constructions significantly reduce latency and energy consumption per encryption operation. Notably, to validate our designs, we synthesize our circuits on standard CMOS cell libraries to evaluate performance, and we conduct leakage detection via statistical tests on power traces on FPGA platforms to assess security.

Category / Keywords: implementation / DPA, Masking, SKINNY, Threshold Implementation

Original Publication (in the same form): INDOCRYPT-2021

Date: received 22 Oct 2021

Contact author: andrea caforio at epfl ch, daniel collins at epfl ch, ognjen glamocanin at epfl ch, subhadeep banik at epfl ch

Version: 20211024:073904

Short URL: ia.cr/2021/1425
