Threshold Implementations of all 3x3 and 4x4 S-boxes

Side-channel attacks have shown many hardware implementations of cryptographic algorithms to be vulnerable. A recently proposed masking method, threshold implementation (TI), is based on secret sharing and multi-party computation and introduces a set of sufficient requirements under which an implementation is provably resistant against first-order DPA with minimal assumptions on the hardware, in particular without assuming glitch-free logic. The original paper does not describe how to construct the shared Boolean functions that satisfy these requirements. In this paper, we derive such functions for all invertible 3×3 and 4×4 S-boxes and for the 6×4 DES S-boxes. Our methods and observations can also be used to accelerate the search for sharings of larger (e.g. 8×8) S-boxes. Finally, we investigate the cost of such protection.
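The requirements the abstract refers to are the three TI properties: correctness (the shares of the output XOR to the S-box output), non-completeness (no component function depends on all shares of any input variable) and uniformity (every sharing of an output value is hit by equally many input sharings). The following checker is an added example written for this page, not code from the paper or its authors: it verifies the three properties exhaustively for a sharing of a small S-box. The S-box and both sharings are my own choices for illustration: the 3-bit Toffoli map (x, y, z) → (x, y, z ⊕ xy) with a 3-share sharing, plus a deliberately broken variant that is correct and non-complete but not uniform, to show that the uniformity check is the one that catches it. Nothing here reproduces the paper's classification or its constructions for the 4×4 classes.

```python
from collections import Counter
from itertools import product

M = 3  # S-box width in bits (assumption: a 3x3 S-box)
N = 3  # number of shares (assumption: 3-share TI, the minimum for a quadratic S-box)


def bits(v):
    """Split a 3-bit value into (x, y, z) with x = bit 0."""
    return v & 1, (v >> 1) & 1, (v >> 2) & 1


def pack(x, y, z):
    return x | (y << 1) | (z << 2)


def toffoli(v):
    """Unshared S-box (constructed example): (x, y, z) -> (x, y, z ^ x*y)."""
    x, y, z = bits(v)
    return pack(x, y, z ^ (x & y))


def toffoli_ti_uniform(s):
    """3-share TI of toffoli. Component i must not touch input share i."""
    (x1, y1, z1), (x2, y2, z2), (x3, y3, z3) = map(bits, s)
    f1 = pack(x2, y2, z2 ^ (x2 & y2) ^ (x2 & y3) ^ (x3 & y2))  # shares 2,3 only
    f2 = pack(x3, y3, z3 ^ (x3 & y3) ^ (x3 & y1) ^ (x1 & y3))  # shares 1,3 only
    f3 = pack(x1, y1, z1 ^ (x1 & y1) ^ (x1 & y2) ^ (x2 & y1))  # shares 1,2 only
    return [f1, f2, f3]


def toffoli_ti_nonuniform(s):
    """Same correctness and non-completeness, but the z-share of f2 no longer
    depends on any z input share, so the shared map cannot be a bijection."""
    (x1, y1, z1), (x2, y2, z2), (x3, y3, z3) = map(bits, s)
    f1 = pack(x2, y2, z2 ^ z3 ^ (x2 & y2) ^ (x2 & y3) ^ (x3 & y2))
    f2 = pack(x3, y3, (x3 & y3) ^ (x3 & y1) ^ (x1 & y3))
    f3 = pack(x1, y1, z1 ^ (x1 & y1) ^ (x1 & y2) ^ (x2 & y1))
    return [f1, f2, f3]


def xor_all(values):
    acc = 0
    for v in values:
        acc ^= v
    return acc


def is_correct(sbox, shared, m=M, n=N):
    """XOR of output shares equals the S-box applied to the XOR of input shares."""
    return all(xor_all(shared(list(s))) == sbox(xor_all(s))
               for s in product(range(1 << m), repeat=n))


def is_noncomplete(shared, m=M, n=N):
    """Output share i must be unchanged by flipping any bit of input share i."""
    for s in product(range(1 << m), repeat=n):
        base = shared(list(s))
        for i in range(n):
            for b in range(m):
                t = list(s)
                t[i] ^= 1 << b
                if shared(t)[i] != base[i]:
                    return False
    return True


def is_uniform(sbox, shared, m=M, n=N):
    """Each sharing of an output y must be hit by exactly |S^-1(y)| input sharings
    (for a permutation: exactly once, i.e. the shared map is itself a bijection)."""
    hits = Counter(tuple(shared(list(s))) for s in product(range(1 << m), repeat=n))
    preimages = Counter(sbox(v) for v in range(1 << m))
    return all(hits[out] == preimages[xor_all(out)]
               for out in product(range(1 << m), repeat=n))


def check_ti(sbox, shared):
    return {
        "correct": is_correct(sbox, shared),
        "noncomplete": is_noncomplete(shared),
        "uniform": is_uniform(sbox, shared),
    }


if __name__ == "__main__":
    print("uniform sharing   :", check_ti(toffoli, toffoli_ti_uniform))
    print("nonuniform sharing:", check_ti(toffoli, toffoli_ti_nonuniform))
```

The uniformity check is the expensive one in practice: it is exhaustive over 2^(N·M) share vectors, which is 512 here and 4096 for a 3-share 4×4 S-box, but grows quickly for 8×8 S-boxes, which is why the search heuristics the abstract mentions matter. Note also why the first sharing is uniform: for fixed x and y shares, each z output share is one z input share plus a constant, so the shared map permutes GF(2)^9.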
