Conference paper Open Access

ISAP -- Towards Side-Channel Secure Authenticated Encryption

Christoph Dobraunig; Maria Eichlseder; Stefan Mangard; Florian Mendel; Thomas Unterluggauer

DataCite XML Export

<?xml version='1.0' encoding='utf-8'?>
<resource xmlns:xsi="" xmlns="" xsi:schemaLocation="">
  <identifier identifierType="DOI">10.5281/zenodo.571743</identifier>
      <creatorName>Christoph Dobraunig</creatorName>
      <affiliation>Graz University of Technology</affiliation>
      <creatorName>Maria Eichlseder</creatorName>
      <affiliation>Graz University of Technology</affiliation>
      <creatorName>Stefan Mangard</creatorName>
      <affiliation>Graz University of Technology</affiliation>
      <creatorName>Florian Mendel</creatorName>
      <affiliation>Graz University of Technology</affiliation>
      <creatorName>Thomas Unterluggauer</creatorName>
      <affiliation>Graz University of Technology</affiliation>
    <title>ISAP -- Towards Side-Channel Secure Authenticated Encryption</title>
    <subject>authenticated encryption</subject>
    <subject>fresh re-keying</subject>
    <subject>passive side-channel attacks</subject>
    <subject>sponge construction</subject>
    <subject>permutation-based construction</subject>
    <date dateType="Issued">2017-03-05</date>
  <resourceType resourceTypeGeneral="Text">Conference paper</resourceType>
    <alternateIdentifier alternateIdentifierType="url"></alternateIdentifier>
    <relatedIdentifier relatedIdentifierType="URL" relationType="IsPartOf"></relatedIdentifier>
    <rights rightsURI="">Creative Commons Attribution Non Commercial 4.0 International</rights>
    <rights rightsURI="info:eu-repo/semantics/openAccess">Open Access</rights>
    <description descriptionType="Abstract">&lt;p&gt;Side-channel attacks and in particular differential power analysis (DPA) attacks pose a serious threat to cryptographic implementations. One approach to counteract such attacks are cryptographic schemes based on fresh re-keying. In settings of pre-shared secret keys, such schemes render DPA attacks infeasible by deriving session keys and by ensuring that the attacker cannot collect side-channel leakage on the session key during cryptographic operations with different inputs. While these schemes can be applied to secure standard communication settings, current re-keying approaches are unable to provide protection in settings where the same input needs to be processed multiple times. In this work, we therefore adapt the re-keying approach and present a symmetric authenticated encryption scheme that is secure against DPA attacks and that does not have such a usage restriction. This means that our scheme fully complies with the requirements given in the CAESAR call and hence, can be used like other noncebased authenticated encryption schemes without loss of side-channel protection. Its resistance against side-channel analysis is highly relevant for several applications in practice, like bulk storage settings in general and the protection of FPGA bitfiles and firmware images in particular.&lt;/p&gt;</description>
      <funderName>European Commission</funderName>
      <funderIdentifier funderIdentifierType="Crossref Funder ID">10.13039/501100000780</funderIdentifier>
      <awardNumber awardURI="info:eu-repo/grantAgreement/EC/H2020/644052/">644052</awardNumber>
All versions This version
Views 1010
Downloads 66
Data volume 3.4 MB3.4 MB
Unique views 1010
Unique downloads 66


Cite as