Cryptographic Hardware and Embedded Systems - CHES 2013

Volume 8086 of the series Lecture Notes in Computer Science pp 142-158

Fides: Lightweight Authenticated Cipher with Side-Channel Resistance for Constrained Hardware

  • Begül BilginAffiliated withESAT/COSIC and iMinds, KU LeuvenEEMCS-DIES, University of Twente
  • , Andrey BogdanovAffiliated withDepartment of Mathematics, Technical University of Denmark
  • , Miroslav KneževićAffiliated withNXP Semiconductors
  • , Florian MendelAffiliated withIAIK, Graz University of Technology
  • , Qingju WangAffiliated withESAT/COSIC and iMinds, KU LeuvenDepartment of Computer Science and Engineering, Shanghai Jiao Tong University

* Final gross prices may vary according to local VAT.

Get Access


In this paper, we present a novel lightweight authenticated cipher optimized for hardware implementations called Fides. It is an online nonce-based authenticated encryption scheme with authenticated data whose area requirements are as low as 793 GE and 1001 GE for 80-bit and 96-bit security, respectively. This is at least two times smaller than its closest competitors Hummingbird-2 and Grain-128a. While being extremely compact, Fides is both throughput and latency efficient, even in its most serial implementations. This is attained by our novel sponge-like design approach. Moreover, cryptographically optimal 5-bit and 6-bit S-boxes are used as basic nonlinear components while paying a special attention on the simplicity of providing first order side-channel resistance with threshold implementation.


Lightweight cryptography authenticated encryption keyed sponge glitch-free masking APN permutation almost bent permutation