Squeezing polynomial masking in tower fields a higher-order masked AES S-box

Fabrizio de Santis; Tobias Bauer; Georg Sigl

doi:10.1007/978-3-319-54669-8_12

Squeezing polynomial masking in tower fields a higher-order masked AES S-box

Fabrizio de Santis
, Tobias Bauer
, Georg Sigl

Chair of Security in Information Technology

Technical University of Munich
Fraunhofer AISEC

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Polynomial masking is a higher-order and glitch-resistant masking scheme to protect cryptographic implementations against sidechannel attacks. Polynomial masking was introduced at CHES 2011, while a 1^st-order polynomially masked AES S-box hardware implementation was presented at CHES 2013, and later on improved at TIs 2016. Polynomial masking schemes are advantageous in the way they can be easily adapted to every block-cipher and inherently scaled to any masking order using simple hardware design patterns. As a drawback, they typically have large area, time, and randomness requirements when compared to other masking schemes, e.g. threshold implementations. In this work, we show how tower fields can be perfectly committed to polynomial masking schemes, to reduce both area and randomness requirements of higher-order polynomially masked implementations, with application to AES. We provide ASIC synthesis results up to the 6^thmasking order and perform side-channel attacks on a Xilinx Spartan6 FPGA up to the 2^ndmasking order.

Original language	English
Title of host publication	Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Revised Selected Papers
Editors	Michael Tunstall, Kerstin Lemke-Rust
Publisher	Springer Verlag
Pages	192-208
Number of pages	17
ISBN (Print)	9783319546681
DOIs	https://doi.org/10.1007/978-3-319-54669-8_12
State	Published - 2017
Event	15th International Conference on Smart Card Research and Advanced Applications, CARDIS 2016 - Cannes, France Duration: 7 Nov 2016 → 9 Nov 2016

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10146 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	15th International Conference on Smart Card Research and Advanced Applications, CARDIS 2016
Country/Territory	France
City	Cannes
Period	7/11/16 → 9/11/16

Keywords

AES
Multi-party computation
Polynomial masking
Secret sharing
Side-channel analysis
Tower fields

Access to Document

10.1007/978-3-319-54669-8_12

Cite this

de Santis, F., Bauer, T., & Sigl, G. (2017). Squeezing polynomial masking in tower fields a higher-order masked AES S-box. In M. Tunstall, & K. Lemke-Rust (Eds.), Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Revised Selected Papers (pp. 192-208). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10146 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-54669-8_12

de Santis, Fabrizio ; Bauer, Tobias ; Sigl, Georg. / Squeezing polynomial masking in tower fields a higher-order masked AES S-box. Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Revised Selected Papers. editor / Michael Tunstall ; Kerstin Lemke-Rust. Springer Verlag, 2017. pp. 192-208 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{93572197b26847dbba25998225fb5208,

title = "Squeezing polynomial masking in tower fields a higher-order masked AES S-box",

abstract = "Polynomial masking is a higher-order and glitch-resistant masking scheme to protect cryptographic implementations against sidechannel attacks. Polynomial masking was introduced at CHES 2011, while a 1st-order polynomially masked AES S-box hardware implementation was presented at CHES 2013, and later on improved at TIs 2016. Polynomial masking schemes are advantageous in the way they can be easily adapted to every block-cipher and inherently scaled to any masking order using simple hardware design patterns. As a drawback, they typically have large area, time, and randomness requirements when compared to other masking schemes, e.g. threshold implementations. In this work, we show how tower fields can be perfectly committed to polynomial masking schemes, to reduce both area and randomness requirements of higher-order polynomially masked implementations, with application to AES. We provide ASIC synthesis results up to the 6thmasking order and perform side-channel attacks on a Xilinx Spartan6 FPGA up to the 2ndmasking order.",

keywords = "AES, Multi-party computation, Polynomial masking, Secret sharing, Side-channel analysis, Tower fields",

author = "\{de Santis\}, Fabrizio and Tobias Bauer and Georg Sigl",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG 2017.; 15th International Conference on Smart Card Research and Advanced Applications, CARDIS 2016 ; Conference date: 07-11-2016 Through 09-11-2016",

year = "2017",

doi = "10.1007/978-3-319-54669-8\_12",

language = "English",

isbn = "9783319546681",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "192--208",

editor = "Michael Tunstall and Kerstin Lemke-Rust",

booktitle = "Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Revised Selected Papers",

}

de Santis, F, Bauer, T & Sigl, G 2017, Squeezing polynomial masking in tower fields a higher-order masked AES S-box. in M Tunstall & K Lemke-Rust (eds), Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10146 LNCS, Springer Verlag, pp. 192-208, 15th International Conference on Smart Card Research and Advanced Applications, CARDIS 2016, Cannes, France, 7/11/16. https://doi.org/10.1007/978-3-319-54669-8_12

Squeezing polynomial masking in tower fields a higher-order masked AES S-box. / de Santis, Fabrizio; Bauer, Tobias; Sigl, Georg.
Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Revised Selected Papers. ed. / Michael Tunstall; Kerstin Lemke-Rust. Springer Verlag, 2017. p. 192-208 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10146 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Squeezing polynomial masking in tower fields a higher-order masked AES S-box

AU - de Santis, Fabrizio

AU - Bauer, Tobias

AU - Sigl, Georg

N1 - Publisher Copyright: © Springer International Publishing AG 2017.

PY - 2017

Y1 - 2017

N2 - Polynomial masking is a higher-order and glitch-resistant masking scheme to protect cryptographic implementations against sidechannel attacks. Polynomial masking was introduced at CHES 2011, while a 1st-order polynomially masked AES S-box hardware implementation was presented at CHES 2013, and later on improved at TIs 2016. Polynomial masking schemes are advantageous in the way they can be easily adapted to every block-cipher and inherently scaled to any masking order using simple hardware design patterns. As a drawback, they typically have large area, time, and randomness requirements when compared to other masking schemes, e.g. threshold implementations. In this work, we show how tower fields can be perfectly committed to polynomial masking schemes, to reduce both area and randomness requirements of higher-order polynomially masked implementations, with application to AES. We provide ASIC synthesis results up to the 6thmasking order and perform side-channel attacks on a Xilinx Spartan6 FPGA up to the 2ndmasking order.

AB - Polynomial masking is a higher-order and glitch-resistant masking scheme to protect cryptographic implementations against sidechannel attacks. Polynomial masking was introduced at CHES 2011, while a 1st-order polynomially masked AES S-box hardware implementation was presented at CHES 2013, and later on improved at TIs 2016. Polynomial masking schemes are advantageous in the way they can be easily adapted to every block-cipher and inherently scaled to any masking order using simple hardware design patterns. As a drawback, they typically have large area, time, and randomness requirements when compared to other masking schemes, e.g. threshold implementations. In this work, we show how tower fields can be perfectly committed to polynomial masking schemes, to reduce both area and randomness requirements of higher-order polynomially masked implementations, with application to AES. We provide ASIC synthesis results up to the 6thmasking order and perform side-channel attacks on a Xilinx Spartan6 FPGA up to the 2ndmasking order.

KW - AES

KW - Multi-party computation

KW - Polynomial masking

KW - Secret sharing

KW - Side-channel analysis

KW - Tower fields

UR - https://www.scopus.com/pages/publications/85014961044

U2 - 10.1007/978-3-319-54669-8_12

DO - 10.1007/978-3-319-54669-8_12

M3 - Conference contribution

AN - SCOPUS:85014961044

SN - 9783319546681

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 192

EP - 208

BT - Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Revised Selected Papers

A2 - Tunstall, Michael

A2 - Lemke-Rust, Kerstin

PB - Springer Verlag

T2 - 15th International Conference on Smart Card Research and Advanced Applications, CARDIS 2016

Y2 - 7 November 2016 through 9 November 2016

ER -

de Santis F, Bauer T, Sigl G. Squeezing polynomial masking in tower fields a higher-order masked AES S-box. In Tunstall M, Lemke-Rust K, editors, Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Revised Selected Papers. Springer Verlag. 2017. p. 192-208. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-54669-8_12

Squeezing polynomial masking in tower fields a higher-order masked AES S-box

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this