We describe a new technique for evaluating polynomials over binary finite fields. This is useful in the context of anti-DPA counter-measures when an S-box is expressed as a polynomial over a binary finite field. For n-bit S-boxes our new technique has heuristic complexity (Formula presented.) instead of (Formula presented.) proven complexity for the Parity-Split method. We also prove a lower bound of (Formula presented.) on the complexity of any method to evaluate n-bit S-boxes; this shows that our method is asymptotically optimal. Here, complexity refers to the number of nonlinear multiplications required to evaluate the polynomial corresponding to an S-box. In practice we can evaluate any 8-bit S-box in 10 non-linear multiplications instead of 16 in the Roy-Vivek paper from CHES 2013, and the DES S-boxes in 4 non-linear multiplications instead of 7. We also evaluate any 4-bit S-box in 2 non-linear multiplications instead of 3. Hence our method achieves optimal complexity for the PRESENT S-box.
CITATION STYLE
Coron, J. S., Roy, A., & Vivek, S. (2014). Fast evaluation of polynomials over binary finite fields and application to side-channel countermeasures. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 8731, 170–187. https://doi.org/10.1007/978-3-662-44709-3_10
Mendeley helps you to discover research relevant for your work.