CryptoDB
Spin Me Right Round: Rotational Symmetry for FPGA-Specific AES
Authors: Lauren De Meyer, Amir Moradi, Felix Wegener
Abstract: The effort in reducing the area of AES implementations has largely been focused on Application-Specific Integrated Circuits (ASICs), in which a tower field construction leads to a small design of the AES S-box. In contrast, a naïve implementation of the AES S-box has been the status quo on Field-Programmable Gate Arrays (FPGAs). A similar discrepancy holds for masking schemes, a well-known side-channel analysis countermeasure, which are commonly optimized to achieve minimal area in ASICs. In this paper we demonstrate a representation of the AES S-box exploiting rotational symmetry which leads to a 50% reduction of the area footprint on FPGA devices. We present new AES implementations which improve on the state of the art and explore various trade-offs between area and latency. For instance, at the cost of increasing the latency 4.5 times, one of our design variants requires 25% fewer look-up tables (LUTs) than the smallest known AES on Xilinx FPGAs by Sasdrich and Güneysu at ASAP 2016. We further explore the protection of such implementations against first-order side-channel analysis attacks. Targeting the small area footprint on FPGAs, we introduce a heuristic-based algorithm to find a masking of a given function with d + 1 shares. Its application to our new construction of the AES S-box allows us to introduce the smallest masked AES implementation on Xilinx FPGAs to date.
BibTeX
@article{tches-2018-29067,
  title     = {Spin Me Right Round: Rotational Symmetry for FPGA-Specific AES},
  journal   = {IACR Trans. Cryptogr. Hardw. Embed. Syst.},
  publisher = {Ruhr-Universität Bochum},
  volume    = {2018, Issue 3},
  pages     = {596-626},
  url       = {https://tches.iacr.org/index.php/TCHES/article/view/7288},
  doi       = {10.13154/tches.v2018.i3.596-626},
  author    = {Lauren De Meyer and Amir Moradi and Felix Wegener},
  year      = {2018}
}