Paper 2023/1856

Optimizing AES Threshold Implementation under the Glitch-Extended Probing Model

Fu Yao, Institute of Software, Chinese Academy of Sciences, Beijing, China
Hua Chen, Institute of Software, Chinese Academy of Sciences, Beijing, China
Yongzhuang Wei, Guilin University of Electronic Technology, Guilin, China
Enes Pasalic, University of Primorska, FAMNIT, Koper, Slovenia
Feng Zhou, Institute of Software, Chinese Academy of Sciences, Beijing, China
Limin Fan, Institute of Software, Chinese Academy of Sciences, Beijing, China
Abstract

Threshold Implementation (TI) is a well-known Boolean masking technique that provides provable security against side-channel attacks. In the presence of glitches, the probing model was replaced by the so-called glitch-extended probing model, which specifies a broader security framework. In CHES 2021, Shahmirzadi et al. introduced a general search method for finding first-order 2-share TI schemes without fresh randomness (in the presence of glitches) for a given encryption algorithm. Although it handles single-output Boolean functions well, this method has to store output shares in registers when extended to vectorial Boolean functions, which results in more chip area and increased latency. Therefore, the design of TI schemes that have low implementation cost under the glitch-extended probing model appears to be an important research challenge. In this paper, we propose an approach to design first-order glitch-extended probing secure TI schemes when quadratic functions are employed in the substitution layer. This method only requires a small amount of fresh random bits and a single clock cycle for its implementation. In particular, the random bits in our approach are reusable and compatible with the changing of the guards technique. Our dedicated TI scheme for the AES cipher gives a 20.23% smaller implementation area and 4.2% faster encryption compared to the TI scheme of AES (without using fresh randomness) proposed in CHES 2021. Additionally, we propose a parallel implementation of two S-boxes that further reduces latency (by about 39.83%) at the expense of increasing the chip area by 9%. We have positively confirmed the security of AES under the glitch-extended probing model using the verification tool SILVER and the side-channel leakage assessment method TVLA.
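The abstract contrasts two ways of dealing with glitches: storing output shares in registers versus spending a few fresh random bits. The following Python example is added here and is not from the paper or its AES construction; it uses the textbook 2-share masked AND gate (the smallest quadratic function) with one fresh random bit and exhaustively checks every single probe under a simplified glitch-extended rule: a probe on a combinational wire observes every primary input and register output in its fan-in cone, while a probe on a register observes only the stored value. The gate names, that simplified probe rule, and the registered-versus-unregistered comparison are this example's own assumptions; the paper's reusable-randomness, single-cycle S-box layer is not reproduced.

```python
"""
Added illustration (not the paper's construction): exhaustive first-order
check of a 2-share masked AND gate under a simplified glitch-extended
probing model.  A design is first-order secure if every single extended
probe yields a distribution that is independent of the unshared secret (a, b).
"""
from collections import Counter, defaultdict
from itertools import product

# Primary inputs: two shares of a, two shares of b, one fresh random bit r.
# They are assumed stable (glitch-free) during the clock cycle under analysis.
PRIMARY = ("a0", "a1", "b0", "b1", "r")


def build_masked_and(with_register):
    """Return an ordered gate dict for c = a & b on 2 shares with one fresh bit r.

    Entry: wire -> (input wires, Boolean function, is_register).
    Insertion order is topological, so wires can be evaluated in sequence.
    with_register=True stores the four partial products in registers before
    recombining them; False recombines them inside one combinational cone.
    (Hypothetical gate names chosen for this demo.)
    """
    gates = {
        "t00": (("a0", "b0"), lambda a0, b0: a0 & b0, False),
        "t01": (("a0", "b1", "r"), lambda a0, b1, r: (a0 & b1) ^ r, False),
        "t10": (("a1", "b0", "r"), lambda a1, b0, r: (a1 & b0) ^ r, False),
        "t11": (("a1", "b1"), lambda a1, b1: a1 & b1, False),
    }
    if with_register:
        for t in ("t00", "t01", "t10", "t11"):
            gates["R" + t[1:]] = ((t,), lambda x: x, True)   # register stage
        gates["c0"] = (("R00", "R01"), lambda x, y: x ^ y, False)
        gates["c1"] = (("R10", "R11"), lambda x, y: x ^ y, False)
    else:
        gates["c0"] = (("t00", "t01"), lambda x, y: x ^ y, False)
        gates["c1"] = (("t10", "t11"), lambda x, y: x ^ y, False)
    return gates


def evaluate(gates, env):
    """Compute every wire value for one assignment of the primary inputs."""
    vals = dict(env)
    for wire, (inputs, fn, _) in gates.items():
        vals[wire] = fn(*(vals[w] for w in inputs))
    return vals


def extended_probe(gates, wire):
    """Stable signals one glitch-extended probe on `wire` can observe:
    a register or primary input reveals only its own value; a combinational
    wire reveals every register output and primary input in its fan-in cone."""
    if wire in PRIMARY or gates[wire][2]:
        return {wire}
    observed = set()
    for w in gates[wire][0]:
        observed |= extended_probe(gates, w)
    return observed


def leaking_probes(gates):
    """Wires whose extended-probe distribution depends on the secret (a, b)."""
    leaks = []
    for wire in list(PRIMARY) + list(gates):
        observed = sorted(extended_probe(gates, wire))
        dist = defaultdict(Counter)          # secret -> histogram of observations
        for a0, a1, b0, b1, r in product((0, 1), repeat=5):
            vals = evaluate(gates, {"a0": a0, "a1": a1, "b0": b0, "b1": b1, "r": r})
            secret = (a0 ^ a1, b0 ^ b1)
            dist[secret][tuple(vals[w] for w in observed)] += 1
        # First-order security: the histogram must be identical for every secret.
        if len({frozenset(h.items()) for h in dist.values()}) != 1:
            leaks.append(wire)
    return leaks


def is_correct(gates):
    """Recombined output shares must equal a & b for every sharing and every r."""
    for a0, a1, b0, b1, r in product((0, 1), repeat=5):
        vals = evaluate(gates, {"a0": a0, "a1": a1, "b0": b0, "b1": b1, "r": r})
        if vals["c0"] ^ vals["c1"] != (a0 ^ a1) & (b0 ^ b1):
            return False
    return True


if __name__ == "__main__":
    for reg in (True, False):
        g = build_masked_and(reg)
        print(f"registered={reg}: correct={is_correct(g)} "
              f"leaking probes={leaking_probes(g)}")
```

Both variants are functionally correct, and every partial product on its own is safe, but without the register stage the recombination wire `c0` sits in a cone that contains both shares of b (and `c1` both shares of a), so a glitch-extended probe there recovers the secret; the register stage is exactly what the abstract refers to as "storing output shares in registers", with its cost in area and latency.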

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint.
Keywords
Threshold Implementation, AES, Leakage Assessment
Contact author(s)
yaofu2020 @ iscas ac cn
chenhua @ iscas ac cn
walker_wyz @ guet edu cn
enes pasalic6 @ gmail com
zhoufeng2021 @ iscas ac cn
fanlimin @ iscas ac cn
History
2023-12-04: approved
2023-12-03: received
Short URL
https://ia.cr/2023/1856
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1856,
      author = {Fu Yao and Hua Chen and Yongzhuang Wei and Enes Pasalic and Feng Zhou and Limin Fan},
      title = {Optimizing {AES} Threshold Implementation under the Glitch-Extended Probing Model},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1856},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1856}
}