Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking

Xiangyu Li; Pengyuan Jiao; Chaoqun Yang

doi:10.1088/1674-4926/42/3/032402

J. Semicond. > 2021, Volume 42 > Issue 3 > 032402

ARTICLES

Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking

Xiangyu Li^{1, 2,}, Pengyuan Jiao^{1, 3} and Chaoqun Yang^{1, 3}

+ Author Affiliations

Corresponding author: Xiangyu Li, xiangyuli@tsinghua.edu.cn

DOI: 10.1088/1674-4926/42/3/032402

Abstract: A side-channel attack (SCA)-resistant AES S-box implementation is proposed, which is an improvement from the power-aware hiding (PAH) S-box but with higher security and a smaller area. We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts. In addition, a delay-matched enable control technique is used to suppress glitches in the masked parts. The evaluation results show that its area is contracted to 63.3% of the full PAH S-box, and its power-delay product is much lower than that of the masking implementation. The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665 000 noiseless traces.

Key words: ASIC, side-channel attack, AES S-box, power-aware hiding, glitch-free

References

[1]	Dinu D, Kizhvatov I. EM analysis in the IoT context: Lessons learned from an attack on thread. IACR Trans Cryptogr Hardw Embed Syst, 2018, 73
[2]	Tsai K L, Huang Y L, Leu F Y, et al. AES-128 based secure low power communication for LoRaWAN IoT environments. IEEE Access, 2018, 6, 45325 doi: 10.1109/ACCESS.2018.2852563
[3]	Taha M, Schaumont P. Key updating for leakage resiliency with application to AES modes of operation. IEEE Trans Inform Forensic Secur, 2015, 10, 519 doi: 10.1109/TIFS.2014.2383359
[4]	Moradi A, Poschmann A, Ling S, et al. Pushing the limits: A very compact and a threshold implementation of AES. Adv Cryptol - EUROCRYPT 2011, 2011, 69 doi: 10.1007/978-3-642-20465-4_6
[5]	Gao S, Roy A, Oswald E. Constructing TI-friendly substitution boxes using shift-invariant permutations. Cryptographers Track RSA Conference, 2019, 433
[6]	Boss E, Grosso V, Güneysu T, et al. Strong 8-bit Sboxes with efficient masking in hardware extended version. J Cryptogr Eng, 2017, 7, 149 doi: 10.1007/s13389-017-0156-7
[7]	Burns F, Bystrov A, Koelmans A, et al. Security evaluation of balanced 1-of-n circuits. IEEE Trans VLSI Syst, 2011, 19, 2135 doi: 10.1109/TVLSI.2010.2064793
[8]	Liu P C, Chang H C, Lee C Y. A low overhead DPA countermeasure circuit based on ring oscillators. IEEE Trans Circuits Syst II, 2010, 57, 546 doi: 10.1109/TCSII.2010.2048400
[9]	Singh A, Kar M, Mathew S, et al. Improved power side channel attack resistance of a 128-bit AES engine with random fast voltage dithering. European Solid-State Device Research Conference, 2017, 51
[10]	van Woudenberg J G J, Witteman M F, Bakker B. Improving differential power analysis by elastic alignment. Cryptographers Track RSA Conference, 2011, 104
[11]	Lu S, Zhang Z, Papaefthymiou M C. A 1.25 pJ/bit 0.048 mm² AES core with DPA resistance for IoT devices. IEEE Asian Solid-State Circuits Conference, 2017, 65
[12]	Ma J S, Wang M Y, Li X Y. Power-aware hiding method for S-box protection. Electron Lett, 2014, 50, 1604 doi: 10.1049/el.2014.1559
[13]	Li X Y, Yang C Q, Ma J S, et al. Energy-efficient side-channel attack countermeasure with awareness and hybrid configuration based on it. IEEE Trans VLSI Syst, 2017, 25, 3355 doi: 10.1109/TVLSI.2017.2752212
[14]	Yang C Q, Li X Y, Yin S J. Low-cost energy-efficient side-channel attacks resistant AES S-box with power-aware hiding inverter in GF(2⁴). International Conference on Trust, Security and Privacy in Computing and Communications, 2018, 1526
[15]	Canright D, Batina L. A very compact “perfectly masked” S-box for AES. Applied Cryptography and Network Security. Berlin, Heidelberg: Springer Berlin Heidelberg, 2008, 446
[16]	Nikova S, Rijmen V, Schläffer M. Secure hardware implementation of nonlinear functions in the presence of glitches. J Cryptol, 2011, 24, 292 doi: 10.1007/s00145-010-9085-7
[17]	Canright D. A very compact S-box for AES. Conference on Cryptographic Hardware and Embedded Systems, 2005, 441
[18]	Schneider T, Moradi A. Leakage assessment methodology. Conference on Cryptographic Hardware and Embedded Systems, 2015, 495
[19]	Moradi A, Standaert F X. Moments-correlating DPA. Proceedings of the 2016 ACM Workshop on Theory of Implementation Security - TIS'16, 2016, 5
[20]	Zeng J L, Wang Y, Xu C, et al. Improvement on masked S-box hardware implementation. IEEE International Conference on Innovations in Information Technology, 2012, 113

Fig. 1. (Color online) PAH-masking mixed S-box structure (modified from Ref. [14]).

DownLoad: Full-Size Img PowerPoint

Fig. 2. (Color online) PAH-masking mixed S-box timing diagram (modified from Ref. [14]).

DownLoad: Full-Size Img PowerPoint

Fig. 3. (Color online) PAH inversion in GF(2⁴) unit. (a) Circuit^[14]. (b) Layout (62 × 56 μm²).

DownLoad: Full-Size Img PowerPoint

Fig. 4. Modification of XOR gates in RMU.

DownLoad: Full-Size Img PowerPoint

Fig. 5. Structure of $\widetilde {A_0^{ - 1}}$ calculation logic with enable chain.

DownLoad: Full-Size Img PowerPoint

Fig. 6. (Color online) Nonspecific t-test results (with 10 000 traces). (a) Unprotected. (b) Full-masking. (c) Full-PAH. (d) Proposed.

DownLoad: Full-Size Img PowerPoint

Fig. 7. (Color online) MCP-DPA attack result (332 500 traces for profiling and 332 500 traces for correlation).

DownLoad: Full-Size Img PowerPoint

Table 1. Comparison with other DPA-resistant S-box in terms of security.

Design	Ref. [17]	Full-masking	Ref. [13]	Ref. [9]	This work (with glitches)	This work
Countermeasure	Unprotected	Full-masking	Full-PAH	RFVD	PAH-masking	PAH-glitch-free masking
${\left\| t \right\|_{\rm{max }}}$	69.8	25.2	37.2	4.2	14.4	3.9

DownLoad: CSV

Table 2. Comparison with other DPA-resistant S-box in terms of delay, energy, and cost.

Parameter	Ref. [17]	Ref. [20]	Ref. [13]	This work (with glitches)	This work
Countermeasure	No	Masking	Full-PAH	PIU+masking	Proposed
Technology (nm)	180	180	180	180	180
Delay (ns)	4	9.44	1.56	5.55	5.71
Area (GE)	373	635	3865	1558	2365
Energy (pJ)	24.56	152.93	5.6	24.08	26.87

DownLoad: CSV

[1]	Dinu D, Kizhvatov I. EM analysis in the IoT context: Lessons learned from an attack on thread. IACR Trans Cryptogr Hardw Embed Syst, 2018, 73
[2]	Tsai K L, Huang Y L, Leu F Y, et al. AES-128 based secure low power communication for LoRaWAN IoT environments. IEEE Access, 2018, 6, 45325 doi: 10.1109/ACCESS.2018.2852563
[3]	Taha M, Schaumont P. Key updating for leakage resiliency with application to AES modes of operation. IEEE Trans Inform Forensic Secur, 2015, 10, 519 doi: 10.1109/TIFS.2014.2383359
[4]	Moradi A, Poschmann A, Ling S, et al. Pushing the limits: A very compact and a threshold implementation of AES. Adv Cryptol - EUROCRYPT 2011, 2011, 69 doi: 10.1007/978-3-642-20465-4_6
[5]	Gao S, Roy A, Oswald E. Constructing TI-friendly substitution boxes using shift-invariant permutations. Cryptographers Track RSA Conference, 2019, 433
[6]	Boss E, Grosso V, Güneysu T, et al. Strong 8-bit Sboxes with efficient masking in hardware extended version. J Cryptogr Eng, 2017, 7, 149 doi: 10.1007/s13389-017-0156-7
[7]	Burns F, Bystrov A, Koelmans A, et al. Security evaluation of balanced 1-of-n circuits. IEEE Trans VLSI Syst, 2011, 19, 2135 doi: 10.1109/TVLSI.2010.2064793
[8]	Liu P C, Chang H C, Lee C Y. A low overhead DPA countermeasure circuit based on ring oscillators. IEEE Trans Circuits Syst II, 2010, 57, 546 doi: 10.1109/TCSII.2010.2048400
[9]	Singh A, Kar M, Mathew S, et al. Improved power side channel attack resistance of a 128-bit AES engine with random fast voltage dithering. European Solid-State Device Research Conference, 2017, 51
[10]	van Woudenberg J G J, Witteman M F, Bakker B. Improving differential power analysis by elastic alignment. Cryptographers Track RSA Conference, 2011, 104
[11]	Lu S, Zhang Z, Papaefthymiou M C. A 1.25 pJ/bit 0.048 mm² AES core with DPA resistance for IoT devices. IEEE Asian Solid-State Circuits Conference, 2017, 65
[12]	Ma J S, Wang M Y, Li X Y. Power-aware hiding method for S-box protection. Electron Lett, 2014, 50, 1604 doi: 10.1049/el.2014.1559
[13]	Li X Y, Yang C Q, Ma J S, et al. Energy-efficient side-channel attack countermeasure with awareness and hybrid configuration based on it. IEEE Trans VLSI Syst, 2017, 25, 3355 doi: 10.1109/TVLSI.2017.2752212
[14]	Yang C Q, Li X Y, Yin S J. Low-cost energy-efficient side-channel attacks resistant AES S-box with power-aware hiding inverter in GF(2⁴). International Conference on Trust, Security and Privacy in Computing and Communications, 2018, 1526
[15]	Canright D, Batina L. A very compact “perfectly masked” S-box for AES. Applied Cryptography and Network Security. Berlin, Heidelberg: Springer Berlin Heidelberg, 2008, 446
[16]	Nikova S, Rijmen V, Schläffer M. Secure hardware implementation of nonlinear functions in the presence of glitches. J Cryptol, 2011, 24, 292 doi: 10.1007/s00145-010-9085-7
[17]	Canright D. A very compact S-box for AES. Conference on Cryptographic Hardware and Embedded Systems, 2005, 441
[18]	Schneider T, Moradi A. Leakage assessment methodology. Conference on Cryptographic Hardware and Embedded Systems, 2015, 495
[19]	Moradi A, Standaert F X. Moments-correlating DPA. Proceedings of the 2016 ACM Workshop on Theory of Implementation Security - TIS'16, 2016, 5
[20]	Zeng J L, Wang Y, Xu C, et al. Improvement on masked S-box hardware implementation. IEEE International Conference on Innovations in Information Technology, 2012, 113

Search

GET CITATION

shu

Export: BibTex EndNote

Article Metrics

Article views: 3427 Times PDF downloads: 71 Times Cited by: 0 Times

History

Received: 05 August 2020 Revised: 09 September 2020 Online: Accepted Manuscript: 27 November 2020Uncorrected proof: 27 November 2020Published: 10 March 2021

Article Navigation > Journal of Semiconductors > 2021 > 42(3): 032402

Xiangyu Li, Pengyuan Jiao, Chaoqun Yang. Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking[J]. Journal of Semiconductors, 2021, 42(3): 032402. doi: 10.1088/1674-4926/42/3/032402 ****X Y Li, P Y Jiao, C Q Yang, Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking[J]. J. Semicond., 2021, 42(3): 032402. doi: 10.1088/1674-4926/42/3/032402.

Citation:

Xiangyu Li, Pengyuan Jiao, Chaoqun Yang. Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking[J]. Journal of Semiconductors, 2021, 42(3): 032402. doi: 10.1088/1674-4926/42/3/032402 ****

X Y Li, P Y Jiao, C Q Yang, Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking[J]. J. Semicond., 2021, 42(3): 032402. doi: 10.1088/1674-4926/42/3/032402.

Citation:

X Y Li, P Y Jiao, C Q Yang, Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking[J]. J. Semicond., 2021, 42(3): 032402. doi: 10.1088/1674-4926/42/3/032402.

PDF( 1703 KB)

Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking

DOI: 10.1088/1674-4926/42/3/032402

1.
Institute of Microelectronics, Tsinghua University, Beijing 100084, China
2.
Beijing National Research Center for Information Science and Technology, Beijing 100084, China
3.
School of Applied Science, Beijing Information Science and Technology University, Beijing 100192, China

More Information

Xiangyu Li：was born in Tianjin, China, in 1977. He received his B.S. degree in microelectronics and solid-state electronics from Tsinghua University, Beijing, China, in 2000 and his Ph.D. degree in science and technology of electronics from Tsinghua University, Beijing, China, in 2006. From 2006 to 2012, he was an Assistant Researcher with the Integrated Circuit and System Design Laboratory, Institute of Microelectronics, Tsinghua University, Beijing, China. Since 2012, he has been an Associate Professor with the Institute of Microelectronics, Tsinghua University, Beijing. He is the author of more than 60 articles and 9 inventions. His research interests include Internet of Things devices, energy-efficient integrated circuits, and hardware security. Prof. Li has been a reviewer of manuscripts for some journals, including IEEE Transactions on VLSI Systems, Science China and Circuit Word
Corresponding author: xiangyuli@tsinghua.edu.cn
Received Date: 2020-08-05
Revised Date: 2020-09-09
Published Date: 2021-03-10

Abstract

Abstract

A side-channel attack (SCA)-resistant AES S-box implementation is proposed, which is an improvement from the power-aware hiding (PAH) S-box but with higher security and a smaller area. We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts. In addition, a delay-matched enable control technique is used to suppress glitches in the masked parts. The evaluation results show that its area is contracted to 63.3% of the full PAH S-box, and its power-delay product is much lower than that of the masking implementation. The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665 000 noiseless traces.
- ASIC,
- side-channel attack,
- AES S-box,
- power-aware hiding,
- glitch-free

FullText(HTML)

References(20)

References

[1]	Dinu D, Kizhvatov I. EM analysis in the IoT context: Lessons learned from an attack on thread. IACR Trans Cryptogr Hardw Embed Syst, 2018, 73
[2]	Tsai K L, Huang Y L, Leu F Y, et al. AES-128 based secure low power communication for LoRaWAN IoT environments. IEEE Access, 2018, 6, 45325 doi: 10.1109/ACCESS.2018.2852563
[3]	Taha M, Schaumont P. Key updating for leakage resiliency with application to AES modes of operation. IEEE Trans Inform Forensic Secur, 2015, 10, 519 doi: 10.1109/TIFS.2014.2383359
[4]	Moradi A, Poschmann A, Ling S, et al. Pushing the limits: A very compact and a threshold implementation of AES. Adv Cryptol - EUROCRYPT 2011, 2011, 69 doi: 10.1007/978-3-642-20465-4_6
[5]	Gao S, Roy A, Oswald E. Constructing TI-friendly substitution boxes using shift-invariant permutations. Cryptographers Track RSA Conference, 2019, 433
[6]	Boss E, Grosso V, Güneysu T, et al. Strong 8-bit Sboxes with efficient masking in hardware extended version. J Cryptogr Eng, 2017, 7, 149 doi: 10.1007/s13389-017-0156-7
[7]	Burns F, Bystrov A, Koelmans A, et al. Security evaluation of balanced 1-of-n circuits. IEEE Trans VLSI Syst, 2011, 19, 2135 doi: 10.1109/TVLSI.2010.2064793
[8]	Liu P C, Chang H C, Lee C Y. A low overhead DPA countermeasure circuit based on ring oscillators. IEEE Trans Circuits Syst II, 2010, 57, 546 doi: 10.1109/TCSII.2010.2048400
[9]	Singh A, Kar M, Mathew S, et al. Improved power side channel attack resistance of a 128-bit AES engine with random fast voltage dithering. European Solid-State Device Research Conference, 2017, 51
[10]	van Woudenberg J G J, Witteman M F, Bakker B. Improving differential power analysis by elastic alignment. Cryptographers Track RSA Conference, 2011, 104
[11]	Lu S, Zhang Z, Papaefthymiou M C. A 1.25 pJ/bit 0.048 mm² AES core with DPA resistance for IoT devices. IEEE Asian Solid-State Circuits Conference, 2017, 65
[12]	Ma J S, Wang M Y, Li X Y. Power-aware hiding method for S-box protection. Electron Lett, 2014, 50, 1604 doi: 10.1049/el.2014.1559
[13]	Li X Y, Yang C Q, Ma J S, et al. Energy-efficient side-channel attack countermeasure with awareness and hybrid configuration based on it. IEEE Trans VLSI Syst, 2017, 25, 3355 doi: 10.1109/TVLSI.2017.2752212
[14]	Yang C Q, Li X Y, Yin S J. Low-cost energy-efficient side-channel attacks resistant AES S-box with power-aware hiding inverter in GF(2⁴). International Conference on Trust, Security and Privacy in Computing and Communications, 2018, 1526
[15]	Canright D, Batina L. A very compact “perfectly masked” S-box for AES. Applied Cryptography and Network Security. Berlin, Heidelberg: Springer Berlin Heidelberg, 2008, 446
[16]	Nikova S, Rijmen V, Schläffer M. Secure hardware implementation of nonlinear functions in the presence of glitches. J Cryptol, 2011, 24, 292 doi: 10.1007/s00145-010-9085-7
[17]	Canright D. A very compact S-box for AES. Conference on Cryptographic Hardware and Embedded Systems, 2005, 441
[18]	Schneider T, Moradi A. Leakage assessment methodology. Conference on Cryptographic Hardware and Embedded Systems, 2015, 495
[19]	Moradi A, Standaert F X. Moments-correlating DPA. Proceedings of the 2016 ACM Workshop on Theory of Implementation Security - TIS'16, 2016, 5
[20]	Zeng J L, Wang Y, Xu C, et al. Improvement on masked S-box hardware implementation. IEEE International Conference on Innovations in Information Technology, 2012, 113

Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking

References

Search

GET CITATION

Share:

Article Metrics

History

Catalog

Email This Article

Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking

DOI: 10.1088/1674-4926/42/3/032402

Abstract

References

Proportional views

Catalog

Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking

References

Search

GET CITATION

Share:

Article Metrics

History

Catalog

Email This Article

Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking

DOI: 10.1088/1674-4926/42/3/032402

Abstract

References

Proportional views

Catalog

Export File

Citation

Format

Content