A Masked AES ASIC Implementation ∗
نویسندگان
چکیده
Introduced in 1999, differential power-analysis (DPA) attacks pose a serious threat for cryptographic devices. Several countermeasures have been proposed during the last years. However, none of them leads to implementations that are provably resistant against DPA. A promising class of DPA countermeasures is masking. In this article we discuss implementations of three existing masking schemes for the Advanced Encryption Standard (AES). We present an ASIC that has been implemented and manufactured. This test chip is used to investigate the countermeasures in practice. With this test chip we have also determined the costs of masking in terms of area and execution time. Compared to an unmasked AES implementation the best masking scheme shows a performance loss about 40-50%. To the best of the authors knowledge it is the first ASIC that implements masking for AES.
منابع مشابه
Successfully Attacking Masked AES Hardware Implementations
During the last years, several masking schemes for AES have been proposed to secure hardware implementations against DPA attacks. In order to investigate the effectiveness of these countermeasures in practice, we have designed and manufactured an ASIC. The chip features an unmasked and two masked AES-128 encryption engines that can be attacked independently. In addition to conventional DPA atta...
متن کاملPutting together What Fits together - GrÆStl
We present GrÆStl, a combined hardware architecture for the Advanced Encryption Standard (AES) and Grøstl, one of the final round candidates of the SHA-3 hash competition. GrÆStl has been designed for low-resource devices implementing AES-128 (encryption and decryption) as well as Grøstl-256 (tweaked version). We applied several resource-sharing optimizations and based our design on an 8/16-bit...
متن کاملA Hybrid Approach to Concurrent Error Detection for a Compact ASIC Implementation of the Advanced Encryption Standard
In this paper, we investigate the application of concurrent error detection circuitry to a compact application-specific integrated circuit (ASIC) implementation of the Advanced Encryption Standard (AES). The specific objective of the design is to develop a method suitable for compact ASIC implementations targeted to embedded systems such that the system is resistant to fault attacks. To provide...
متن کاملArchitectural Optimization of Aes Transformations and Keyexpansion
Advanced Encryption Standard (AES), is a cryptographic algorithm used for data protection. Designing an efficient hardware architecture for AES with small hardware resource usage is a challenge. Many works are going on for the efficient implementation of AES. The cost and power consumption of the AES can be reduced considerably by optimizing the architecture of AES. AES uses different data tran...
متن کاملCompact and Secure Design of Masked AES S-Box
Composite field arithmetic is known as an alternative method for lookup tables in implementation of S-box block of AES algorithm. The idea is to breakdown the computations to lower order fields and compute the inverse there. Recently this idea have been used both for reducing the area in implementation of S-boxes and masking implementations of AES algorithm. The most compact design using this t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004