http://dx.doi.org/10.4218/etrij.10.0109.0181

Efficient Masking Methods Appropriate for the Block Ciphers ARIA and AES  

Kim, Hee-Seok (Center for Information Security Technologies (CIST), Korea University)
Kim, Tae-Hyun (Institute Attached to ETRI)
Han, Dong-Guk (Department of Mathematics, Kookmin University)
Hong, Seok-Hie (Center for Information Security Technologies (CIST), Korea University)
Publication Information
ETRI Journal / v.32, no.3, 2010, pp. 370-379
Abstract
In this paper, we propose efficient masking methods for ARIA and AES. In general, a masked S-box (MS) block can be constructed in different ways depending on the implementation platform, such as hardware and software. However, the other components of ARIA and AES have less impact on the implementation cost. We first propose an efficient masking structure by minimizing the number of mask corrections under the assumption that we have an MS block. Second, to make a secure and efficient MS block for ARIA and AES, we propose novel methods to solve the table size problem for the MS block in a software implementation and to reduce the cost of a masked inversion, which is the main part of the MS block in the hardware implementation.
Keywords
Side-channel attacks; masking method; composite field; ARIA; AES
Citations & Related Records
Times Cited By KSCI: 1
Times Cited By Web Of Science: 3
Times Cited By SCOPUS: 3