Abstract
This paper describes an efficient method for protecting implementations of inversions in GF(2^n) against DPA attacks. The general method combines two techniques, both of which were proposed in the context of AES S-Box design: a) the simplified multiplicative mask, and b) the use of mixed field representations for the AES S-box. Here, we modify the masking procedure and make it suitable for situations where the inversion is performed in a preferred field representation that differs from the representation in which the input/output are given. For n=8 in particular, we provide the details of the mask updates that are required for the complete AES round. Our results indicate that significantly increased efficiency is gained when this method is used to construct a hardware implementation of AES, protected against DPA attacks.
Original language | English |
---|---|
Title of host publication | Embedded Cryptographic Hardware |
Subtitle of host publication | Methodologies and Architectures |
Editors | Nadia Nedjah, Luiza de Macedo Mourelle |
Publisher | Nova Science Publishers, Inc. |
Pages | 213-228 |
Number of pages | 16 |
ISBN (Print) | 1594540128, 9781594540127 |
State | Published - 2004 |