dc.contributor.author | Askeland, Amund | |
dc.contributor.author | Dhooghe, S. | |
dc.contributor.author | Petkova-Nikova, Svetla Iordanova | |
dc.contributor.author | Rijmen, Vincent Stefaan | |
dc.contributor.author | Zhang, Zhenda | |
dc.date.accessioned | 2024-02-23T11:57:55Z | |
dc.date.available | 2024-02-23T11:57:55Z | |
dc.date.created | 2023-01-09T11:13:32Z | |
dc.date.issued | 2023 | |
dc.identifier.issn | 0302-9743 | |
dc.identifier.uri | https://hdl.handle.net/11250/3119633 | |
dc.description.abstract | We provide three first-order hardware maskings of the AES, each allowing for a different trade-off between the number of shares and the number of register stages. All maskings use a generalization of the changing of the guards method enabling the re-use of random- ness between masked S-boxes. As a result, the maskings do not require fresh randomness while still allowing for a minimal number of shares and providing provable security in the glitch-extended probing model. The low-area variant has five cycles of latency and a serialized area cost of 8.13 kGE. The low-latency variant reduces the latency to three cycles while increasing the serialized area by 67.89% compared to the low-area variant. The maskings of the AES encryption are implemented on FPGA and evaluated with Test Vector Leakage Assessment (TVLA). | en_US |
dc.language.iso | eng | en_US |
dc.publisher | Springer | en_US |
dc.title | Guarding the First Order: The Rise of AES Maskings | en_US |
dc.type | Journal article | en_US |
dc.type | Peer reviewed | en_US |
dc.description.version | acceptedVersion | en_US |
dc.rights.holder | Copyright 2023 The Author(s) | en_US |
cristin.ispublished | true | |
cristin.fulltext | postprint | |
cristin.qualitycode | 1 | |
dc.identifier.doi | 10.1007/978-3-031-25319-5_6 | |
dc.identifier.cristin | 2103112 | |
dc.source.journal | Lecture Notes in Computer Science (LNCS) | en_US |
dc.identifier.citation | Lecture Notes in Computer Science (LNCS). 2023, 13820 | en_US |
dc.source.volume | 13820 | en_US |