International Association
for Cryptologic Research

Most side channel countermeasures for software implementations of cryptography either rely on masking or randomize the execution

order of the cryptographic implementation. This work proposes a countermeasure that has constant leakage in common linear leakage models.

Constant leakage is achieved not only for internal state values, but also for

their transitions. The proposed countermeasure provides perfect protection in the theoretical leakage model. To study the practical relevance of

the proposed countermeasure, it is applied to a software implementation

of the block cipher Prince. This case study allows us to give realistic values

for resulting implementation overheads as well as for the resulting side

channel protection levels that can be achieved in realistic implementation

scenarios.