Designs, Codes and Cryptography

, Volume 69, Issue 3, pp 331–349

AES side-channel countermeasure using random tower field constructions

  • Alexis Bonnecaze
  • Pierre Liardet
  • Alexandre Venelli


Masking schemes to secure AES implementations against side-channel attacks is a topic of ongoing research. The most sensitive part of the AES is the non-linear SubBytes operation, in particular, the inversion in GF(28), the Galois field of 28 elements. In hardware implementations, it is well known that the use of the tower of extensions \({GF(2)\subset GF(2^2)\subset GF(2^4)\subset GF(2^8)}\) leads to a more efficient inversion. We propose to use a random isomorphism instead of a fixed one. Then, we study the effect of this randomization in terms of security and efficiency. Considering the field extension GF(28)/GF(24), the inverse operation leads to computation of its norm in GF(24). Hence, in order to thwart side-channel attack, we manage to spread the values of norms over GF(24). Combined with a technique of boolean masking in tower fields, our countermeasure strengthens resistance against first-order differential side-channel attacks.


AES Side-channel attack Countermeasure Masking technique Composite field arithmetic 

Mathematics Subject Classification

94A60 11T71 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer Science+Business Media, LLC 2012

Authors and Affiliations

  • Alexis Bonnecaze
    • 1
  • Pierre Liardet
    • 2
  • Alexandre Venelli
    • 3
  1. 1.Aix-Marseille University, IML, ERISCSMarseille Cedex 09France
  2. 2.Université de Provence, LATPMarseille Cedex 13France
  3. 3.Inside SecureRoussetFrance

Personalised recommendations