Paper 2021/868

Low-Latency Hardware Masking of PRINCE

Nicolai Müller, Thorben Moos, and Amir Moradi

Abstract

Efficient implementation of Boolean masking in terms of low latency has evolved into a hot topic due to the necessity of embedding a physically secure and, at the same time, fast implementation of cryptographic primitives in, e.g., the memory encryption of pervasive devices. Instead of fully minimizing the circuit's area and randomness requirements at the cost of latency, the focus has shifted to finding optimal tradeoffs between the circuit area and the execution time. The main latency bottleneck in hardware masking lies in the need for registers to stop the propagation of glitches and maintain non-completeness. Usually, an exponentially growing number of shares (hence an extremely large circuit), as well as a high demand for fresh randomness, are the result of avoiding registers in a securely masked hardware implementation of a block cipher. In this paper, we present several first-order secure and low-latency implementations of PRINCE. In particular, we show how to realize the masked variant of round-based PRINCE with only a single register stage per cipher round. We compare the resulting architectures, based on the popular TI and GLM masking schemes, in terms of area, latency, and randomness requirements and point out that both designs are suited for specific use cases.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. 12th International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2021, Lugano, Switzerland, October 25-27, 2021
Keywords
Side-Channel Analysis, Masking, Hardware, low-latency, PRINCE
Contact author(s)
nicolai mueller @ rub de
thorben moos @ rub de
amir moradi @ rub de
History
2021-06-24: received
Short URL
https://ia.cr/2021/868
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/868,
      author = {Nicolai Müller and Thorben Moos and Amir Moradi},
      title = {Low-Latency Hardware Masking of {PRINCE}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/868},
      year = {2021},
      url = {https://eprint.iacr.org/2021/868}
}