Side-channel resistant crypto for less than 2,300 GE

A provably secure countermeasure against first order side-channel attacks was proposed by Nikova et al. (P. Ning, S. Qing, N. Li (eds.) International conference in information and communications security. Lecture notes in computer science, vol. 4307, pp. 529–545, Springer, Berlin, 2006). We have imp...

Bibliographic Details
Main Authors: Poschmann, Axel, Moradi, Amir, Khoo, Khoongming, Lim, Chu Wee, Wang, Huaxiong, Ling, San
Other Authors: School of Physical and Mathematical Sciences
Format: Article
Language: English
Published: 2012
Subjects:
Online Access: https://hdl.handle.net/10356/94926
http://hdl.handle.net/10220/7712
Institution: Nanyang Technological University
id sg-ntu-dr.10356-94926
record_format dspace
spelling sg-ntu-dr.10356-94926 2023-02-28T19:38:32Z
Side-channel resistant crypto for less than 2,300 GE
Poschmann, Axel; Moradi, Amir; Khoo, Khoongming; Lim, Chu Wee; Wang, Huaxiong; Ling, San
School of Physical and Mathematical Sciences
DRNTU::Science::Mathematics
A provably secure countermeasure against first order side-channel attacks was proposed by Nikova et al. (P. Ning, S. Qing, N. Li (eds.) International conference in information and communications security. Lecture notes in computer science, vol. 4307, pp. 529–545, Springer, Berlin, 2006). We have implemented the lightweight block cipher PRESENT using the proposed countermeasure. For this purpose we had to decompose the S-box used in PRESENT and split it into three shares that fulfill the properties of the scheme presented by Nikova et al. (P. Lee, J. Cheon (eds.) International conference in information security and cryptology. Lecture notes in computer science, vol. 5461, pp. 218–234, Springer, Berlin, 2008). Our experimental results on real-world power traces show that this countermeasure provides additional security. Post-synthesis figures for an ASIC implementation require only 2,300 GE, which makes this implementation suitable for low-cost passive RFID-tags.
Accepted version
2012-04-11T01:35:35Z 2019-12-06T19:04:50Z 2012-04-11T01:35:35Z 2019-12-06T19:04:50Z 2010 2010
Journal Article
Poschmann, A., Moradi, A., Khoo, K., Lim, C. W., Wang, H., & Ling, S. (2010). Side-channel resistant crypto for less than 2,300 GE. Journal of Cryptology, 24(2), 322-345.
https://hdl.handle.net/10356/94926
http://hdl.handle.net/10220/7712
10.1007/s00145-010-9086-6
en
Journal of cryptology
© 2010 International Association for Cryptologic Research. This is the author created version of a work that has been peer reviewed and accepted for publication by Journal of Cryptology, Springer on behalf of International Association for Cryptologic Research. It incorporates referee’s comments but changes resulting from the publishing process, such as copyediting, structural formatting, may not be reflected in this document. The published version is available at: http://dx.doi.org/10.1007/s00145-010-9086-6
24 p.
application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
content_provider NTU Library
collection DR-NTU
language English
topic DRNTU::Science::Mathematics
description A provably secure countermeasure against first order side-channel attacks was proposed by Nikova et al. (P. Ning, S. Qing, N. Li (eds.) International conference in information and communications security. Lecture notes in computer science, vol. 4307, pp. 529–545, Springer, Berlin, 2006). We have implemented the lightweight block cipher PRESENT using the proposed countermeasure. For this purpose we had to decompose the S-box used in PRESENT and split it into three shares that fulfill the properties of the scheme presented by Nikova et al. (P. Lee, J. Cheon (eds.) International conference in information security and cryptology. Lecture notes in computer science, vol. 5461, pp. 218–234, Springer, Berlin, 2008). Our experimental results on real-world power traces show that this countermeasure provides additional security. Post-synthesis figures for an ASIC implementation require only 2,300 GE, which makes this implementation suitable for low-cost passive RFID-tags.
author2 School of Physical and Mathematical Sciences
format Article
author Poschmann, Axel
Moradi, Amir
Khoo, Khoongming
Lim, Chu Wee
Wang, Huaxiong
Ling, San
author_sort Poschmann, Axel
title Side-channel resistant crypto for less than 2,300 GE
publishDate 2012
url https://hdl.handle.net/10356/94926
http://hdl.handle.net/10220/7712