Abstract
Threshold Implementations provide provable security against first-order power analysis attacks for hardware and software implementations. Like masking, the approach relies on secret sharing but it differs in the implementation of logic functions. At Eurocrypt 2011 Moradi et al. published the to date most compact Threshold Implementation of AES-128 encryption. Their work shows that the number of required random bits may be an additional evaluation criterion, next to area and speed. We present a new Threshold Implementation of AES-128 encryption that is 18% smaller, 7.5% faster and that requires 8% less random bits than the implementation from Eurocrypt 2011. In addition, we provide results of a practical security evaluation based on real power traces in adversary-friendly conditions. They confirm the first-order attack resistance of our implementation and show good resistance against higher-order attacks. © 2014 Springer International Publishing.
Author supplied keywords
Cite
CITATION STYLE
Bilgin, B., Gierlichs, B., Nikova, S., Nikov, V., & Rijmen, V. (2014). A more efficient AES threshold implementation. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8469 LNCS, pp. 267–284). Springer Verlag. https://doi.org/10.1007/978-3-319-06734-6_17
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
