Paper 2012/510

Enabling 3-share Threshold Implementations for any 4-bit S-box

Sebastian Kutzner, Phuong Ha Nguyen, and Axel Poschmann

Abstract

Threshold Implementation (TI) is an elegant and widely accepted countermeasure against 1-st order Differential Power Analysis (DPA) in Side Channel Attacks. The 3-share TI is the most efficient version of TI, but so far, it can only be applied to 50\% of all 4-bit S-boxes. In this paper, we study the limitations of decomposition and introduce factorization to enable the 3-share TI for any optimal 4-bit S-box. We propose an algorithm which can decompose any optimal 4-bit S-box to quadratic vectorial boolean functions with a time complexity of $2^{19}$. Furthermore, we use our new methodology in combination with decomposition to optimize ciphers utilizing many different S-boxes, and, to highlight the strength of our new methodology, we construct a 3-share Threshold Implementation of SERPENT which was believed to be not possible until now. Last, we show how to implemented all SERPENT S-boxes with only one mutual core.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
secret-key cryptographysecret-key cryptographyimplemetationblockcipherSERPENTThreshold Implementation coutermeasureSide Channel AttackDPA
Contact author(s)
ng0007ha @ e ntu edu sg
skutzner @ ntu edu sg
hxwang @ ntu edu sg
History
2012-09-03: received
Short URL
https://ia.cr/2012/510
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/510,
      author = {Sebastian Kutzner and Phuong Ha Nguyen and Axel Poschmann},
      title = {Enabling 3-share Threshold Implementations for any 4-bit S-box},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/510},
      year = {2012},
      url = {https://eprint.iacr.org/2012/510}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.