Conference paper Open Access

Higher-Order Threshold Implementation of the AES S-Box

De Cnudde, Thomas; Bilgin, Begül; Reparaz, Oscar; Nikov, Ventzislav; Nikova, Svetla

Dublin Core Export

<?xml version='1.0' encoding='utf-8'?>
<oai_dc:dc xmlns:dc="" xmlns:oai_dc="" xmlns:xsi="" xsi:schemaLocation="">
  <dc:creator>De Cnudde, Thomas</dc:creator>
  <dc:creator>Bilgin, Begül</dc:creator>
  <dc:creator>Reparaz, Oscar</dc:creator>
  <dc:creator>Nikov, Ventzislav</dc:creator>
  <dc:creator>Nikova, Svetla</dc:creator>
  <dc:description>In this paper we present a threshold implementation of the Advanced Encryption Standard’s S-box which is secure against first- and second-order power analysis attacks. This security guarantee holds even in the presence of glitches, and includes resistance against bivariate attacks. The design requires an area of 7849 Gate Equivalents and 126 bits of randomness per S-box execution. The implementation is tested on an FPGA platform and its security claim is supported by practical leakage detection tests.</dc:description>
  <dc:description>H2020 644052 / HECTOR</dc:description>
  <dc:publisher>Springer International Publishing</dc:publisher>
  <dc:subject>Higher-order, Threshold implementations, AES, S-box, Masking</dc:subject>
  <dc:title>Higher-Order Threshold Implementation of the AES S-Box</dc:title>
All versions This version
Views 3737
Downloads 3535
Data volume 18.7 MB18.7 MB
Unique views 3737
Unique downloads 3232


Cite as