The Masking Method for Protecting Power Analysis Attacks in SEED

PURPOSE: A masking method for protecting power analysis attacks is provided to reduce operation quantity needed for masking operation. CONSTITUTION: An inverse table is generated(S510). A first and a second conversion tables for an additional conversion according to the use of the inverse table is generated. 6 one-bite mask values and 2 four-bits mask values required for the masking are generated(S530). The inverse table is masked with the new mask value. The masking inverse table is generated(S550). A masking S box is composed using the masking inverse table, and the first and the second conversion table(S570).