It is an important challenge to implement a lowcost power analysis immune advanced encryption standard (AES) circuit. The previous study proves that substitution boxes (S-Boxes) in AES are prone to being attacked,...It is an important challenge to implement a lowcost power analysis immune advanced encryption standard (AES) circuit. The previous study proves that substitution boxes (S-Boxes) in AES are prone to being attacked, and hard to mask for its non-linear characteristic. Besides, large amounts of circuit resources in chips and power consumption are spent in protecting S-Boxes against power analysis. Thus, a novel power analysis immune scheme is proposed, which divides the data-path of AES into two parts: inhomogeneous S-Boxes instead of fixed S-Boxes are selected randomly to disturb power and logic delay in the non-linear module; at the same time, the general masking strategy is applied in the linear part of AES. This improved AES circuit was synthesized with united microelectronics corporation (UMC) 0.25 μm 1.8 V complementary metal-oxide-semiconductor (CMOS) standard cell library, and correlation power analysis experiments were executed. The results demonstrate that this secure AES implementation has very low hardware cost and can enhance the AES security effectually against power analysis.展开更多
基金the Hi-Tech Research and Development Program of China (2006AA01Z226)the Natural Science Foundation of Hubei (2006ABA080)+1 种基金the Scientific Research Foundation of Huazhong University of Science and Technology (2006Z011B)the Program for New Century Excellent Talents in University (NCET-07-0328)
文摘It is an important challenge to implement a lowcost power analysis immune advanced encryption standard (AES) circuit. The previous study proves that substitution boxes (S-Boxes) in AES are prone to being attacked, and hard to mask for its non-linear characteristic. Besides, large amounts of circuit resources in chips and power consumption are spent in protecting S-Boxes against power analysis. Thus, a novel power analysis immune scheme is proposed, which divides the data-path of AES into two parts: inhomogeneous S-Boxes instead of fixed S-Boxes are selected randomly to disturb power and logic delay in the non-linear module; at the same time, the general masking strategy is applied in the linear part of AES. This improved AES circuit was synthesized with united microelectronics corporation (UMC) 0.25 μm 1.8 V complementary metal-oxide-semiconductor (CMOS) standard cell library, and correlation power analysis experiments were executed. The results demonstrate that this secure AES implementation has very low hardware cost and can enhance the AES security effectually against power analysis.
