International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Rhythmic Keccak: SCA Security and Low Latency in HW

Victor Arribas , KU Leuven, imec-COSIC
Begül Bilgin , KU Leuven, imec-COSIC
George Petrides , Vrije Universiteit Brussel
Svetla Nikova , KU Leuven, imec-COSIC
Vincent Rijmen , KU Leuven, imec-COSIC
DOI: 10.13154/tches.v2018.i1.269-290
Search ePrint
Search Google
Abstract: Glitches entail a great issue when securing a cryptographic implementation in hardware. Several masking schemes have been proposed in the literature that provide security even in the presence of glitches. The key property that allows this protection was introduced in threshold implementations as non-completeness. We address crucial points to ensure the right compliance of this property especially for low-latency implementations. Specifically, we first discuss the existence of a flaw in DSD 2017 implementation of Keccak by Gross et al. in violation of the non-completeness property and propose a solution. We perform a side-channel evaluation on the first-order and second-order implementations of the proposed design where no leakage is detected with up to 55 million traces. Then, we present a method to ensure a non-complete scheme of an unrolled implementation applicable to any order of security or algebraic degree of the shared function. By using this method we design a two-rounds unrolled first-order Keccak-
Video from TCHES 2018
  title={Rhythmic Keccak: SCA Security and Low Latency in HW},
  journal={Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2018, Issue 1},
  author={Victor Arribas and Begül Bilgin and George Petrides and Svetla Nikova and Vincent Rijmen},