Publication


Featured research published by Svetla Nikova.


Journal of Cryptology | 2011

Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches

Svetla Nikova; Vincent Rijmen; Martin Schläffer

Hardware implementations of cryptographic algorithms are vulnerable to side-channel attacks. Side-channel attacks that are based on multiple measurements of the same operation can be countered by employing masking techniques. Many protection measures depart from an idealized hardware model that is very expensive to meet with real hardware. In particular, the presence of glitches causes many masking techniques to leak information during the computation of nonlinear functions. We discuss a recently introduced masking method which is based on secret sharing and multi-party computation methods. The approach results in implementations that are provably resistant against a wide range of attacks, while making only minimal assumptions on the hardware. We show how to use this method to derive secure implementations of some nonlinear building blocks for cryptographic algorithms. Finally, we provide a provable secure implementation of the block cipher Noekeon and verify the results by means of low-level simulations.


International Conference on the Theory and Application of Cryptology and Information Security | 2014

Higher-Order Threshold Implementations

Begül Bilgin; Benedikt Gierlichs; Svetla Nikova; Ventzislav Nikov; Vincent Rijmen

Higher-order differential power analysis attacks are a serious threat for cryptographic hardware implementations. In particular, glitches in the circuit make it hard to protect the implementation with masking. The existing higher-order masking countermeasures that guarantee security in the presence of glitches use multi-party computation techniques and require a lot of resources in terms of circuit area and randomness. The Threshold Implementation method is also based on multi-party computation but it is more area and randomness efficient. Moreover, it typically requires less clock-cycles since all parties can operate simultaneously. However, so far it is only provable secure against 1st-order DPA. We address this gap and extend the Threshold Implementation technique to higher orders. We define generic constructions and prove their security. To illustrate the approach, we provide 1st, 2nd and 3rd-order DPA-resistant implementations of the block cipher KATAN-32. Our analysis of 300 million power traces measured from an FPGA implementation supports the security proofs.


International Conference on Information Security and Cryptology | 2009

Secure Hardware Implementation of Non-linear Functions in the Presence of Glitches

Svetla Nikova; Vincent Rijmen; Martin Schläffer

Hardware implementations of cryptographic algorithms are still vulnerable to side-channel attacks. Side-channel attacks that are based on multiple measurements of the same operation can be countered by employing masking techniques. In the presence of glitches, most of the currently known masking techniques still leak information during the computation of non-linear functions. We discuss a recently introduced masking method which is based on secret sharing and results in implementations that are provable resistant against first-order side-channel attacks, even in the presence of glitches. We reduce the hardware requirements of this method and show how to derive provable secure implementations of some non-linear building blocks for cryptographic algorithms. Finally, we provide a provable secure implementation of the block cipher Noekeon and verify the results.


Smart Card Research and Advanced Application Conference | 2013

Efficient and First-Order DPA Resistant Implementations of Keccak

Begül Bilgin; Joan Daemen; Ventzislav Nikov; Svetla Nikova; Vincent Rijmen; Gilles Van Assche

In October 2012 NIST announced that the SHA-3 hash standard will be based on Keccak. Besides hashing, Keccak can be used in many other modes, including ones operating on a secret value. Many applications of such modes require protection against side-channel attacks, preferably at low cost. In this paper, we present threshold implementations (TI) of Keccak with three and four shares that build further on unprotected parallel and serial architectures. We improve upon earlier TI implementations of Keccak in the sense that the latter did not achieve uniformity of shares. In our proposals we do achieve uniformity at the cost of an extra share in a four-share version or at the cost of injecting a small number of fresh random bits for each computed round. The proposed implementations are efficient and provably secure against first-order side-channel attacks.


Cryptography and Communications | 2015

Threshold implementations of small S-boxes

Begül Bilgin; Svetla Nikova; Ventzislav Nikov; Vincent Rijmen; Natalia Tokareva; Valeriya Vitkup

Threshold implementation (TI) is a masking method that provides security against first-order DPA with minimal assumptions on the hardware. It is based on multi-party computation and secret sharing. In this paper, we provide an efficient technique to find TIs for all 3 and 4-bit permutations which also covers the set of 3×3 and 4×4 invertible S-boxes. We also discuss alternative methods to construct shared functions by changing the number of variables or shares. Moreover, we further consider the TI of 5-bit almost bent and 6-bit almost perfect nonlinear permutations. Finally, we compare the areas of these various TIs.


Security and Cryptography for Networks | 2008

Using Normal Bases for Compact Hardware Implementations of the AES S-Box

Svetla Nikova; Vincent Rijmen; Martin Schläffer

The substitution box (S-box) of the Advanced Encryption Standard (AES) is based on the multiplicative inversion s(x) = x^{-1} in GF(256) and followed by an affine transformation in GF(2). The S-box is the most expansive building block of any hardware implementation of the AES, and the multiplicative inversion is the most costly step of the S-box transformation. There exist many publications about hardware implementations of the S-box and the smallest known implementations are based on normal bases. In this paper, we introduce a new method to implement the multiplicative inversion over GF(256) based on normal bases that have not been considered before in the context of AES implementations.


IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems | 2015

Trade-Offs for Threshold Implementations Illustrated on AES

Begül Bilgin; Benedikt Gierlichs; Svetla Nikova; Ventzislav Nikov; Vincent Rijmen

Embedded cryptographic devices are vulnerable to power analysis attacks. Threshold implementations (TIs) provide provable security against first-order power analysis attacks for hardware and software implementations. Like masking, the approach relies on secret sharing but it differs in the implementation of logic functions. While masking can fail to provide protection due to glitches in the circuit, TIs rely on few assumptions about the hardware and are fully compatible with standard design flows. We investigate two important properties of TIs in detail and point out interesting trade-offs between circuit area and randomness requirements. We propose two new TIs of AES that, starting from a common previously published implementation, illustrate possible trade-offs. We provide concrete ASIC implementation results for all three designs using the same library, and we evaluate the practical security of all three designs on the same FPGA platform. Our analysis allows us to directly compare the security provided by the different trade-offs, and to quantify the associated hardware cost.


International Conference on Cryptology in India | 2004

On boolean functions with generalized cryptographic properties

An Braeken; Ventzislav Nikov; Svetla Nikova; Bart Preneel

By considering a new metric, we generalize cryptographic properties of Boolean functions such as resiliency and propagation characteristics. These new definitions result in a better understanding of the properties of Boolean functions and provide a better insight in the space defined by this metric. This approach leads to the construction of “hand-made” Boolean functions, i.e., functions for which the security with respect to some specific monotone sets of inputs is considered, instead of the security with respect to all possible monotone sets with the same cardinality, as in the usual definitions. This approach has the advantage that some trade-offs between important properties of Boolean functions can be relaxed.


Smart Card Research and Advanced Application Conference | 2015

Higher-Order Threshold Implementation of the AES S-Box

Thomas De Cnudde; Begül Bilgin; Oscar Reparaz; Ventzislav Nikov; Svetla Nikova

In this paper we present a threshold implementation of the Advanced Encryption Standard's S-box which is secure against first- and second-order power analysis attacks. This security guarantee holds even in the presence of glitches, and includes resistance against bivariate attacks. The design requires an area of 7849 Gate Equivalents and 126 bits of randomness per S-box execution. The implementation is tested on an FPGA platform and its security claim is supported by practical leakage detection tests.


International Colloquium on Automata, Languages and Programming | 2005

Classification of boolean functions of 6 variables or less with respect to some cryptographic properties

An Braeken; Yuri L. Borissov; Svetla Nikova; Bart Preneel

This paper presents an efficient approach to the classification of the affine equivalence classes of cosets of the first order Reed-Muller code with respect to cryptographic properties such as correlation-immunity, resiliency and propagation characteristics. First, we apply the method to completely classify with this respect all the 48 classes into which the general affine group AGL(2,5) partitions the cosets of RM(1,5). Second, after distinguishing the 34 affine equivalence classes of cosets of RM(1,6) in RM(3,6) we perform the same classification for these classes.

Collaboration

Top Co-Authors

Bart Preneel (Katholieke Universiteit Leuven)

Vincent Rijmen (Katholieke Universiteit Leuven)

Begül Bilgin (Katholieke Universiteit Leuven)

Yuri L. Borissov (Bulgarian Academy of Sciences)

An Braeken (Katholieke Universiteit Leuven)

Oscar Reparaz (Katholieke Universiteit Leuven)

Thomas De Cnudde (Katholieke Universiteit Leuven)

Joos Vandewalle (Katholieke Universiteit Leuven)