Threshold implementations of small S-boxes

被引:35
作者
Bilgin, Begul [1 ,2 ,3 ]
Nikova, Svetla [1 ,2 ]
Nikov, Ventzislav [4 ]
Rijmen, Vincent [1 ,2 ]
Tokareva, Natalia [5 ,6 ]
Vitkup, Valeriya [5 ,6 ]
机构
[1] Katholieke Univ Leuven, ESAT COSIC, Leuven, Belgium
[2] iMinds, Leuven, Belgium
[3] Univ Twente, EEMCS DIES, NL-7500 AE Enschede, Netherlands
[4] NXP Semicond, Leuven, Belgium
[5] Sobolev Inst Math, Novosibirsk, Russia
[6] Novosibirsk State Univ, Novosibirsk 630090, Russia
来源
CRYPTOGRAPHY AND COMMUNICATIONS-DISCRETE-STRUCTURES BOOLEAN FUNCTIONS AND SEQUENCES | 2015年 / 7卷 / 01期
基金
俄罗斯基础研究基金会;
关键词
DPA; Masking; Glitches; Sharing; Nonlinear functions; S-box; Decomposition; POWER ANALYSIS; HARDWARE; MASKING; CLASSIFICATION;
D O I
10.1007/s12095-014-0104-7
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Threshold implementation (TI) is a masking method that provides security against first-order DPAwithminimal assumptions on the hardware. It is based on multi-party computation and secret sharing. In this paper, we provide an efficient technique to find TIs for all 3 and 4-bit permutations which also covers the set of 3 x 3 and 4 x 4 invertible S-boxes. We also discuss alternative methods to construct shared functions by changing the number of variables or shares. Moreover, we further consider the TI of 5-bit almost bent and 6-bit almost perfect nonlinear permutations. Finally, we compare the areas of these various TIs.
引用
收藏
页码:3 / 33
页数:31
相关论文
共 47 条
[1]  
Akkar M.-L., 2001, Cryptographic Hardware and Embedded Systems - CHES 2001. Third International Workshop. Proceedings (Lecture Notes in Computer Science Vol.2162), P309
[2]  
[Anonymous], LNCS
[3]  
[Anonymous], 2011503 CRYPT EPR AR
[4]  
[Anonymous], 2012510 CRYPT EPR AR
[5]  
[Anonymous], LIST DECOMPOSITIONS
[6]  
[Anonymous], CARDIS IN PRESS
[7]  
[Anonymous], CHES 2011 NAR JAP
[8]  
[Anonymous], 2010, VECTOR BOOLEAN FUNCT
[9]  
[Anonymous], ATUL LUYKX FLORIAN M
[10]  
[Anonymous], TI TOOLKIT
12345