Avoid Mask Re-use in Masked Galois Multipliers
نویسنده
چکیده
This work examines a weakness in re-using masks for masked Galois inversion, specifically in the masked Galois multipliers. Here we show that the mask re-use scheme included in our work[1] cannot result in “perfect masking,” regardless of the order in which the terms are added; explicit distributions are derived for each step. The same problem requires new masks in the subfield calculations, not included in [1]. Hence, for resistance to first-order differential attacks, the masked S-box must use distinct, independent masks for input and output bytes of the masked inverter, and new masks in the subfields, resulting in a larger size. keywords: AES, S-box, masking, DPA, composite Galois field
منابع مشابه
A Very Compact "Perfectly Masked" S-Box for AES
Implementations of the Advanced Encryption Standard (AES), including hardware applications with limited resources (e.g., smart cards), may be vulnerable to “side-channel attacks” such as differential power analysis. One countermeasure against such attacks is adding a random mask to the data; this randomizes the statistics of the calculation at the cost of computing “mask corrections.” The singl...
متن کاملA Very Compact "Perfectly Masked" S-Box for AES (corrected)
Implementations of the Advanced Encryption Standard (AES), including hardware applications with limited resources (e.g., smart cards), may be vulnerable to “side-channel attacks” such as differential power analysis. One countermeasure against such attacks is adding a random mask to the data; this randomizes the statistics of the calculation at the cost of computing “mask corrections.” The singl...
متن کاملA Super-Serial Galois Fields Multiplier for FPGAs and its Application to Public-Key Algorithms
This contribution introduces a scalable multiplier architecture for Galois field GF(2 k) amenable for field programmable gate arrays (FPGAs) implementations. This architecture is well suited for the implementation of public-key cryptosystems which require pro-grammable multipliers in large Galois fields. The architecture trades a reduction in resources with an increase in the number of clock cy...
متن کاملDesign and Implementation of Reed Solomon Encoder on FPGA
Error correcting codes are used for detection and correction of errors in digital communication system. Error correcting coding is based on appending of redundancy to the information message according to a prescribed algorithm. Reed Solomon codes are part of channel coding and withstand the effect of noise, interference and fading. Galois field arithmetic is used for encoding and decoding reed ...
متن کاملOn the use of Karatsuba formula to detect errors in GF ( ( 2 n ) 2 ) multipliers
Galois fields are widely used in cryptographic applications. The detection of an error caused by a fault in a cryptographic circuit is important to avoid undesirable behaviours of the system that could be used to reveal secret information. One of the methods used to avoid these behaviours is the concurrent error detection. Multiplication in finite field is one of the most important operations a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2009 شماره
صفحات -
تاریخ انتشار 2009