Paper 2022/1628
Analyzing the Leakage Resistance of the NIST's Lightweight Crypto Competition's Finalists
, UCLouvain, Graz University of Technology, Lamarr Security Research, UCLouvainAbstract
We investigate the security of the NIST Lightweight Crypto Competition’s Finalists against side-channel attacks. We start with a mode-level analysis that allows us to put forward three candidates (As- con, ISAP and Romulus-T) that stand out for their leakage properties and do not require a uniform protection of all their computations thanks to (expensive) implementation-level countermeasures. We then implement these finalists and evaluate their respective performances. Our results confirm the interest of so-called leveled implementations (where only the key derivation and tag generation require security against differential power analysis). They also suggest that these algorithms differ more by their qualitative features (e.g., two-pass designs to improve confidentiality with decryption leakage vs. one-pass designs, flexible overheads thanks to masking vs. fully mode-level, easier to implement, schemes) than by their quantitative features, which all improve over the AES and are quite sensitive to security margins against cryptanalysis.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Published elsewhere. CARDIS 2022
- Keywords
- leakage-resilient NIST LWC
- Contact author(s)
-
corentin verhamme @ uclouvain be
gaetan cassiers @ uclouvain be
fstandae @ uclouvain be - History
- 2022-11-23: approved
- 2022-11-22: received
- See all versions
- Short URL
- https://ia.cr/2022/1628
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1628,
author = {Corentin Verhamme and Gaëtan Cassiers and François-Xavier Standaert},
title = {Analyzing the Leakage Resistance of the {NIST}'s Lightweight Crypto Competition's Finalists},
howpublished = {Cryptology {ePrint} Archive, Paper 2022/1628},
year = {2022},
url = {https://eprint.iacr.org/2022/1628}
}
