
Strong 8-bit Sboxes with efficient masking in hardware extended version

  • CHES 2016
  • Journal of Cryptographic Engineering

Abstract

Block ciphers are arguably the most important cryptographic primitive in practice. While their security against mathematical attacks is rather well understood, physical threats such as side-channel analysis (SCA) still pose a major challenge to their security. An effective countermeasure to thwart SCA is using a cipher representation that applies the threshold implementation (TI) concept. However, there are hardly any results available on how this concept can be adopted for block ciphers with large (i.e., 8-bit) Sboxes. In this work we provide a systematic analysis of, and search for, 8-bit Sbox constructions that can intrinsically feature the TI concept while still providing high resistance against cryptanalysis. Our study includes investigations on Sboxes constructed from smaller ones using Feistel, SPN, or MISTY network structures. As a result, we present a set of new Sboxes that not only satisfy strong cryptographic criteria, but are also optimized for TI. We believe that our results will provide an inspiring basis for further research on high-security block ciphers that intrinsically feature protection against physical attacks.


Notes

  1. In the following we denote functions by a hexadecimal string in which the first letter denotes the first element of the look-up table implementing the function.

  2. Alternatively, one can apply the technique presented in [24].
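To make the notation of Note 1 and the construction named in the abstract concrete, here is an added Python example (not code from the paper): it parses a hex-string look-up table, builds an 8-bit Sbox from 4-bit round functions with a 3-round Feistel network, and measures differential uniformity and linearity, the two classic cryptanalytic criteria an Sbox search has to score. PRESENT's 4-bit Sbox is an assumed stand-in round function; the paper's own Sboxes are not reproduced on this page.

```python
def parse_lut(hexstr):
    """Note 1 notation: the i-th hex digit is the image of input i."""
    return [int(c, 16) for c in hexstr]

# Constructed choice: PRESENT's 4-bit Sbox as a stand-in round function;
# the paper's own Sboxes are not reproduced on this page.
PRESENT = parse_lut("C56B90AD3EF84712")

def feistel8(rounds):
    """8-bit Sbox from 4-bit round functions via (L, R) -> (R, L ^ F(R)).
    The Feistel structure is a permutation for any choice of round functions."""
    sbox = []
    for x in range(256):
        l, r = x >> 4, x & 0xF
        for f in rounds:
            l, r = r, l ^ f[r]
        sbox.append((l << 4) | r)
    return sbox

def is_permutation(s):
    return sorted(s) == list(range(len(s)))

def differential_uniformity(s):
    """Largest DDT entry over nonzero input differences (lower is stronger)."""
    n, best = len(s), 0
    for a in range(1, n):
        counts = [0] * n
        for x in range(n):
            counts[s[x] ^ s[x ^ a]] += 1
        best = max(best, max(counts))
    return best

def _fwht(v):
    """In-place Walsh-Hadamard transform: v[a] becomes sum_x (-1)^(a.x) v[x]."""
    h = 1
    while h < len(v):
        for i in range(0, len(v), 2 * h):
            for j in range(i, i + h):
                v[j], v[j + h] = v[j] + v[j + h], v[j] - v[j + h]
        h *= 2
    return v

def linearity(s):
    """Largest |Walsh coefficient| over nonzero output masks (lower is stronger)."""
    best = 0
    for b in range(1, len(s)):
        signs = [-1 if bin(b & y).count("1") & 1 else 1 for y in s]
        best = max(best, max(abs(w) for w in _fwht(signs)))
    return best
```

Running `differential_uniformity` and `linearity` on `feistel8([PRESENT, PRESENT, PRESENT])` shows why the paper has to search rather than compose naively: the product of two 4-bit DDT entries already forces a large 8-bit DDT entry.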

References

  1. Banik, S., Bogdanov, A., Isobe, T., Shibutani, K., Hiwatari, H., Akishita, T., Regazzoni, F.: Midori: A Block Cipher for Low Energy. In: ASIACRYPT (2), Lecture Notes in Computer Science, vol. 9453, pp. 411–436. Springer, New York (2015)

  2. Barkan, E., Biham, E.: In How Many Ways Can You Write Rijndael? In: ASIACRYPT 2002, Lecture Notes in Computer Science, vol. 2501, pp. 160–175. Springer, New York (2002)

  3. Barreto, P., Rijmen, V.: The Khazad legacy-level block cipher. Primitive submitted to NESSIE 97 (2000)

  4. Beierle, C., Jean, J., Kölbl, S., Leander, G., Moradi, A., Peyrin, T., Sasaki, Y., Sasdrich, P., Sim, S.M.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: M. Robshaw, J. Katz (eds.) Advances in Cryptology–CRYPTO 2016–36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14–18, 2016, Proceedings, Part II, Lecture Notes in Computer Science, vol. 9815, pp. 123–153. Springer, New York (2016). doi:10.1007/978-3-662-53008-5_5

  5. Biham, E., Shamir, A.: Differential Cryptanalysis of DES-like Cryptosystems. In: CRYPTO 1990, Lecture Notes in Computer Science, vol. 537, pp. 2–21. Springer, New York (1991)

  6. Bilgin, B., Bogdanov, A., Knezevic, M., Mendel, F., Wang, Q.: Fides: Lightweight Authenticated Cipher with Side-Channel Resistance for Constrained Hardware. In: CHES 2013, Lecture Notes in Computer Science, vol. 8086, pp. 142–158. Springer, New York (2013)

  7. Bilgin, B., Gierlichs, B., Nikova, S., Nikov, V., Rijmen, V.: A More Efficient AES Threshold Implementation. In: AFRICACRYPT 2014, Lecture Notes in Computer Science, vol. 8469, pp. 267–284. Springer, New York (2014)

  8. Bilgin, B., Gierlichs, B., Nikova, S., Nikov, V., Rijmen, V.: Higher-Order Threshold Implementations. In: ASIACRYPT 2014, Lecture Notes in Computer Science, vol. 8874, pp. 326–343. Springer, New York (2014)

  9. Bilgin, B., Gierlichs, B., Nikova, S., Nikov, V., Rijmen, V.: Trade-offs for threshold implementations illustrated on AES. IEEE Trans. Cad Integr. Circuits Syst. 34(7), 1188–1200 (2015)

  10. Bilgin, B., Nikova, S., Nikov, V., Rijmen, V., Stütz, G.: Threshold Implementations of All 3 × 3 and 4 × 4 S-Boxes. In: CHES 2012, Lecture Notes in Computer Science, vol. 7428, pp. 76–91. Springer, New York (2012)

  11. Bilgin, B., Nikova, S., Nikov, V., Rijmen, V., Tokareva, N., Vitkup, V.: Threshold implementations of small S-boxes. Cryptogr. Commun. 7(1), 3–33 (2015)

  12. Boyar, J., Peralta, R.: A New Combinational Logic Minimization Technique with Applications to Cryptology. In: Experimental Algorithms, SEA 2010, Lecture Notes in Computer Science, vol. 6049, pp. 178–189. Springer, New York (2010)

  13. Brinkmann, M.: EA classification of all 4 bit functions. personal communication (2008)

  14. Canright, D.: A Very Compact S-Box for AES. In: CHES 2005, Lecture Notes in Computer Science, vol. 3659. Springer, New York (2005)

  15. Canteaut, A., Duval, S., Leurent, G.: Construction of Lightweight S-Boxes using Feistel and MISTY structures. In: SAC 2015, Lecture Notes in Computer Science, vol. 9566, pp. 373–393. Springer, New York (2016)

  16. Chabaud, F., Vaudenay, S.: Links Between Differential and Linear Cryptanalysis. In: EUROCRYPT 1994, Lecture Notes in Computer Science, vol. 950, pp. 356–365. Springer, New York (1995)

  17. Daemen, J., Peeters, M., Van Assche, G., Rijmen, V.: Nessie proposal: NOEKEON. In: First Open NESSIE Workshop, pp. 213–230 (2000)

  18. Daemen, J., Rijmen, V.: The Design of Rijndael: AES–The Advanced Encryption Standard, Information Security and Cryptography. Springer, New York (2002)

  19. Gérard, B., Grosso, V., Naya-Plasencia, M., Standaert, F.: Block Ciphers That Are Easier to Mask: How Far Can We Go? In: CHES 2013, Lecture Notes in Computer Science, vol. 8086, pp. 383–399. Springer, New York (2013)

  20. Grosso, V., Leurent, G., Standaert, F., Varici, K.: LS-Designs: Bitslice Encryption for Efficient Masked Software Implementations. In: FSE 2014, Lecture Notes in Computer Science, vol. 8540, pp. 18–37. Springer, New York (2015)

  21. Grosso, V., Leurent, G., Standaert, F., Varici, K., Journault, A., Durvaux, F., Gaspar, L., Kerckhof, S.: SCREAM Side-Channel Resistant Authenticated Encryption with Masking–ver 3. submission to CAESAR competition of authenticated ciphers, https://competitions.cr.yp.to/round2/screamv3.pdf

  22. Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.J.B.: The LED Block Cipher. In: CHES 2011, Lecture Notes in Computer Science, vol. 6917, pp. 326–341. Springer, New York (2011)

  23. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: Securing hardware against probing attacks. In: D. Boneh (ed.) Advances in Cryptology–CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, August 17–21, 2003, Proceedings, Lecture Notes in Computer Science, vol. 2729, pp. 463–481. Springer, New York (2003). doi:10.1007/978-3-540-45146-4_27

  24. Kutzner, S., Nguyen, P.H., Poschmann, A.: Enabling 3-Share Threshold Implementations for all 4-Bit S-Boxes. In: ICISC 2013, Lecture Notes in Computer Science, vol. 8565, pp. 91–108. Springer, New York (2014)

  25. Lai, X., Massey, J.L.: A proposal for a new block encryption standard. In: I. Damgård (ed.) Advances in Cryptology - EUROCRYPT ’90, Workshop on the Theory and Application of Cryptographic Techniques, Aarhus, Denmark, May 21–24, 1990, Proceedings, Lecture Notes in Computer Science, vol. 473, pp. 389–404. Springer, New York (1990). http://link.springer.de/link/service/series/0558/bibs/0473/04730389.htm

  26. Lim, C.H.: CRYPTON: A New 128-bit Block Cipher–Specification and Analysis. NIST AES Proposal (1998)

  27. Lim, C.H.: A Revised Version of Crypton–Crypton V1.0. In: FSE 1999, Lecture Notes in Computer Science, vol. 1636, pp. 31–45. Springer, New York (1999)

  28. Mangard, S., Pramstaller, N., Oswald, E.: Successfully Attacking Masked AES Hardware Implementations. In: CHES 2005, Lecture Notes in Computer Science, vol. 3659, pp. 157–171. Springer, New York (2005)

  29. Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: EUROCRYPT 1993, Lecture Notes in Computer Science, vol. 765, pp. 386–397. Springer, New York (1994)

  30. Matsui, M.: New Block Encryption Algorithm MISTY. In: FSE 1997, Lecture Notes in Computer Science, vol. 1267, pp. 54–68. Springer, New York (1997)

  31. Moradi, A., Mischke, O., Eisenbarth, T.: Correlation-Enhanced Power Analysis Collision Attack. In: CHES 2010, Lecture Notes in Computer Science, vol. 6225, pp. 125–139. Springer, New York (2010)

  32. Moradi, A., Poschmann, A., Ling, S., Paar, C., Wang, H.: Pushing the Limits: A Very Compact and a Threshold Implementation of AES. In: EUROCRYPT 2011, Lecture Notes in Computer Science, vol. 6632, pp. 69–88. Springer, New York (2011)

  33. Nikova, S., Rijmen, V., Schläffer, M.: Secure hardware implementation of nonlinear functions in the presence of glitches. J. Cryptol. 24(2), 292–321 (2011)

  34. Piret, G., Roche, T., Carlet, C.: PICARO–A Block Cipher Allowing Efficient Higher-Order Side-Channel Resistance. In: ACNS 2012, Lecture Notes in Computer Science, vol. 7341, pp. 311–328. Springer, New York (2012)

  35. Poschmann, A., Moradi, A., Khoo, K., Lim, C., Wang, H., Ling, S.: Side-channel resistant crypto for less than 2300 GE. J. Cryptol. 24(2), 322–345 (2011)

  36. Poschmann, A.Y.: Lightweight cryptography: cryptographic engineering for a pervasive world. Ph.D. thesis, Ruhr University Bochum (2009)

  37. Raddum, H.: More Dual Rijndaels. In: AES Conference, Lecture Notes in Computer Science, vol. 3373, pp. 142–147. Springer, New York (2004)

  38. Rijmen, V., Barreto, P.: The WHIRLPOOL hash function. World-Wide Web document p. 72 (2001)

  39. Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: S. Mangard, F. Standaert (eds.) Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop, Santa Barbara, CA, USA, August 17-20, 2010. Proceedings, Lecture Notes in Computer Science, vol. 6225, pp. 413–427. Springer, New York (2010). doi:10.1007/978-3-642-15031-9_28

  40. Shahverdi, A., Taha, M., Eisenbarth, T.: Silent Simon: A threshold implementation under 100 slices. In: HOST 2015, pp. 1–6. IEEE (2015)

  41. Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-Bit Blockcipher CLEFIA (Extended Abstract). In: FSE 2007, Lecture Notes in Computer Science, vol. 4593, pp. 181–195. Springer, New York (2007)

  42. Standaert, F., Piret, G., Rouvroy, G., Quisquater, J., Legat, J.: ICEBERG : An Involutional Cipher Efficient for Block Encryption in Reconfigurable Hardware. In: FSE 2004, Lecture Notes in Computer Science, vol. 3017, pp. 279–299. Springer, New York (2004)

  43. Ullrich, M., De Cannière, C., Indesteege, S., Küçük, Ö., Mouha, N., Preneel, B.: Finding Optimal Bitsliced Implementations of 4 × 4-bit S-boxes. In: Symmetric Key Encryption Workshop, p. 20 (2011)

  44. Virtual Silicon Inc.: 0.18 µm VIP Standard Cell Library Tape Out Ready, Part Number: UMCL18G212T3, Process: UMC Logic 0.18 µm Generic II Technology: 0.18 µm (2004)


Author information

Corresponding author

Correspondence to Tobias Schneider.

Additional information

This work is partly supported by the DFG Research Training Group GRK 1817 Ubicrypt, the European Union’s Horizon 2020 research and innovation programme under Grant agreement No. 643161 (ECRYPT-NET), and by the German Federal Ministry of Education and Research BMBF (Grant 16KIS0015, Project PhotonFX2).


About this article


Cite this article

Boss, E., Grosso, V., Güneysu, T. et al. Strong 8-bit Sboxes with efficient masking in hardware extended version. J Cryptogr Eng 7, 149–165 (2017). https://doi.org/10.1007/s13389-017-0156-7


  • DOI: https://doi.org/10.1007/s13389-017-0156-7
