Cryptology ePrint Archive: Report 2021/734

First-Order Hardware Sharings of the AES

Siemen Dhooghe and Svetla Nikova and Vincent Rijmen

Abstract: We provide three first-order sharings of the AES each allowing for a different trade-off between the number of shares and the number of register stages. All sharings use a generalization of the changing of the guards method by allowing randomness to be used in the shared S-box. As a result, the sharings have minimal randomness requirements. The sharings are written out in detail to ease implementation efforts.

Category / Keywords: implementation / AES, DPA, Hardware, Probing Security, Threshold Implementations

Date: received 1 Jun 2021, last revised 9 Sep 2021

Contact author: siemen dhooghe at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Note: - Changed the order of the bits for the linear and inverse linear layers in the S-box sharings.

Version: 20210909:100924 (All versions of this report)

Short URL: ia.cr/2021/734


[ Cryptology ePrint archive ]