International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Spin Me Right Round Rotational Symmetry for FPGA-Specific AES

Authors:
Lauren De Meyer , imec - COSIC, KU Leuven
Amir Moradi , Horst Görtz Institute for IT Security, Ruhr-Universität Bochum
Felix Wegener , Horst Görtz Institute for IT Security, Ruhr-Universität Bochum
Download:
DOI: 10.13154/tches.v2018.i3.596-626
URL: https://tches.iacr.org/index.php/TCHES/article/view/7288
Search ePrint
Search Google
Abstract: The effort in reducing the area of AES implementations has largely been focused on Application-Specific Integrated Circuits (ASICs) in which a tower field construction leads to a small design of the AES S-box. In contrast, a naïve implementation of the AES S-box has been the status-quo on Field-Programmable Gate Arrays (FPGAs). A similar discrepancy holds for masking schemes – a wellknown side-channel analysis countermeasure – which are commonly optimized to achieve minimal area in ASICs.In this paper we demonstrate a representation of the AES S-box exploiting rotational symmetry which leads to a 50% reduction of the area footprint on FPGA devices. We present new AES implementations which improve on the state of the art and explore various trade-offs between area and latency. For instance, at the cost of increasing 4.5 times the latency, one of our design variants requires 25% less look-up tables (LUTs) than the smallest known AES on Xilinx FPGAs by Sasdrich and Güneysu at ASAP 2016. We further explore the protection of such implementations against first-order side-channel analysis attacks. Targeting the small area footprint on FPGAs, we introduce a heuristic-based algorithm to find a masking of a given function with d + 1 shares. Its application to our new construction of the AES S-box allows us to introduce the smallest masked AES implementation on Xilinx FPGAs, to-date.
BibTeX
@article{tches-2018-29067,
  title={Spin Me Right Round Rotational Symmetry for FPGA-Specific AES},
  journal={IACR Trans. Cryptogr. Hardw. Embed. Syst.},
  publisher={Ruhr-Universität Bochum},
  volume={2018, Issue 3},
  pages={596-626},
  url={https://tches.iacr.org/index.php/TCHES/article/view/7288},
  doi={10.13154/tches.v2018.i3.596-626},
  author={Lauren De Meyer and Amir Moradi and Felix Wegener},
  year=2018
}