On the Construction of Side-Channel Attack Resilient S-boxes

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10348)


Side-channel attacks exploit physical characteristics of implementations of cryptographic algorithms in order to extract sensitive information such as the secret key. These physical attacks are among the most powerful attacks against real-world cryptosystems. In recent years there have been a number of proposals on how to increase the resilience of ciphers against side-channel attacks. One class of proposals concentrates on the intrinsic resilience of ciphers, and more precisely of their S-boxes. A number of properties have been proposed for this purpose, such as the transparency order, the confusion coefficient and the modified transparency order. Although results with those properties confirm that they are (to some extent) related to S-box resilience, much remains to be investigated. The biggest drawback is that even S-boxes with the best possible values of those properties show only slightly improved side-channel resistance. In this paper we propose to construct small S-boxes based on the results of measurements of actual physical attacks. More precisely, we model our S-boxes to be as resilient as possible against both non-profiled and profiled physical attacks. Our results show that we can design \(4\times 4\) and \(5\times 5\) S-boxes that possess increased resistance against various real-world attacks.
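The following Python script is an added example, not code from the paper: it computes two of the S-box properties named above for the PRESENT S-box [20] (Prouff's transparency order and the single-bit confusion coefficient of Fei et al. [16]) and then runs a simulated correlation power analysis against the same S-box. The Hamming-weight-plus-Gaussian-noise leakage model, the choice of PRESENT as the target, the noise levels and all function names are assumptions of the example; the paper itself drives its construction from real measurements, which a simulation cannot reproduce.

```python
"""S-box side-channel metrics plus a simulated CPA (added example, not the paper's code)."""
import math
import random

# PRESENT 4x4 S-box (Bogdanov et al., CHES 2007), used here as the sample S-box.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def hw(x):
    """Hamming weight of a non-negative integer."""
    return bin(x).count("1")


def transparency_order(sbox, n, m):
    """Transparency order of an (n, m) S-box F as defined by Prouff (FSE 2005):
    TO(F) = max_beta [ |m - 2 HW(beta)| - 1/(2^(2n) - 2^n) *
            sum_{a != 0} | sum_{HW(v)=1} (-1)^(v.beta) W_{D_a F}(0, v) | ],
    with W_{D_a F}(0, v) = sum_x (-1)^(v . (F(x) xor F(x xor a))).
    A lower value is supposed to mean better DPA resistance."""
    size = 1 << n
    best = -math.inf
    for beta in range(1 << m):
        total = 0.0
        for a in range(1, size):
            inner = 0
            for bit in range(m):  # v ranges over the unit vectors 1 << bit
                sign = -1 if (beta >> bit) & 1 else 1
                walsh = sum(1 - 2 * (((sbox[x] ^ sbox[x ^ a]) >> bit) & 1)
                            for x in range(size))
                inner += sign * walsh
            total += abs(inner)
        best = max(best, abs(m - 2 * hw(beta)) - total / (size * size - size))
    return best


def confusion_coefficients(sbox, n, bit):
    """Single-bit confusion coefficient matrix (Fei et al., CHES 2012):
    kappa(ki, kj) = Pr_x[ bit `bit` of S(x ^ ki) != bit `bit` of S(x ^ kj) ].
    Key pairs with kappa close to 0 are hard for DPA to tell apart."""
    size = 1 << n
    kappa = [[0.0] * size for _ in range(size)]
    for ki in range(size):
        for kj in range(size):
            differing = sum(((sbox[x ^ ki] ^ sbox[x ^ kj]) >> bit) & 1
                            for x in range(size))
            kappa[ki][kj] = differing / size
    return kappa


def pearson(xs, ys):
    """Sample Pearson correlation; 0.0 when either series is constant."""
    k = len(xs)
    mx, my = sum(xs) / k, sum(ys) / k
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / math.sqrt(vx * vy)


def cpa_recover_key(sbox, n, key, n_traces, sigma, rng):
    """One simulated CPA run. Assumed leakage: HW(S(x ^ key)) plus Gaussian
    noise with standard deviation sigma (an assumption of this example; the
    paper uses real measurements). Returns the candidate with the largest |rho|."""
    size = 1 << n
    inputs = [rng.randrange(size) for _ in range(n_traces)]
    traces = [hw(sbox[x ^ key]) + rng.gauss(0.0, sigma) for x in inputs]
    scores = []
    for guess in range(size):
        hypothesis = [hw(sbox[x ^ guess]) for x in inputs]
        scores.append(abs(pearson(hypothesis, traces)))
    return max(range(size), key=scores.__getitem__)


def cpa_success_rate(sbox, n, n_traces=500, sigma=1.0, trials=20, seed=1):
    """Fraction of independent CPA runs (fresh random key each time) that
    recover the key. An attack-derived score of this kind is what a
    measurement-driven S-box search can use as its fitness."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        key = rng.randrange(1 << n)
        hits += cpa_recover_key(sbox, n, key, n_traces, sigma, rng) == key
    return hits / trials


if __name__ == "__main__":
    print("TO(PRESENT) =", round(transparency_order(PRESENT_SBOX, 4, 4), 3))
    kappa = confusion_coefficients(PRESENT_SBOX, 4, bit=0)
    off_diag = [kappa[i][j] for i in range(16) for j in range(16) if i != j]
    print("min/mean confusion coefficient (bit 0):",
          min(off_diag), round(sum(off_diag) / len(off_diag), 3))
    for sigma in (0.5, 1.0, 2.0, 4.0):
        print(f"sigma={sigma}: CPA success rate =",
              cpa_success_rate(PRESENT_SBOX, 4, n_traces=200, sigma=sigma))
```

Swapping another \(4\times 4\) table into `PRESENT_SBOX` is enough to compare S-boxes on all three quantities; the contrast between the two analytic metrics and the attack-derived success rate at a given noise level is exactly the gap the abstract points at.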


Keywords: S-box construction, lightweight cryptography, genetic algorithms, side-channel analysis, correlation power analysis, template attacks



L. Lerman is funded by the Brussels Institute for Research and Innovation (Innoviris) for the SCAUT project. S. Picek was supported in part by Croatian Science Foundation under the project IP-2014-09-4882.


References

1. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: [32], pp. 104–113
2. Picek, S., Batina, L., Jakobovic, D.: Evolving DPA-resistant Boolean functions. In: Bartz-Beielstein, T., Branke, J., Filipič, B., Smith, J. (eds.) PPSN 2014. LNCS, vol. 8672, pp. 812–821. Springer, Cham (2014). doi: 10.1007/978-3-319-10762-2_80
3. Picek, S., Papagiannopoulos, K., Ege, B., Batina, L., Jakobovic, D.: Confused by confusion: systematic evaluation of DPA resistance of various S-boxes. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 374–390. Springer, Cham (2014). doi: 10.1007/978-3-319-13039-2_22
4. Picek, S., Mazumdar, B., Mukhopadhyay, D., Batina, L.: Modified transparency order property: solution or just another attempt. In: Chakraborty, R.S., Schwabe, P., Solworth, J. (eds.) SPACE 2015. LNCS, vol. 9354, pp. 210–227. Springer, Cham (2015). doi: 10.1007/978-3-319-24126-5_13
5. Young, A.L., Yung, M.: The dark side of “black-box” cryptography, or: should we trust Capstone? In: [32], pp. 89–103
6. Carlet, C.: Boolean functions for cryptography and error correcting codes. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science, and Engineering, 1st edn., pp. 257–397. Cambridge University Press, New York (2010)
7. Carlet, C.: Vectorial Boolean functions for cryptography. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science, and Engineering, 1st edn., pp. 398–469. Cambridge University Press, New York (2010)
8. Leander, G., Poschmann, A.: On the classification of 4 bit S-boxes. In: Carlet, C., Sunar, B. (eds.) WAIFI 2007. LNCS, vol. 4547, pp. 159–176. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-73074-3_13
9. Borghoff, J., Canteaut, A., Güneysu, T., Kavun, E.B., Knezevic, M., Knudsen, L.R., Leander, G., Nikov, V., Paar, C., Rechberger, C., Rombouts, P., Thomsen, S.S., Yalçın, T.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-34961-4_14
10. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 313–314. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38348-9_19
11. Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M.: Ascon: CAESAR submission (2014)
12. Andreeva, E., Bilgin, B., Bogdanov, A., Luykx, A., Mendel, F., Mennink, B., Mouha, N., Wang, Q., Yasuda, K.: PRIMATEs v1: submission to the CAESAR competition (2014)
13. Coron, J.-S., Kocher, P., Naccache, D.: Statistics and secret leakage. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 157–173. Springer, Heidelberg (2001). doi: 10.1007/3-540-45472-1_12
14. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003). doi: 10.1007/3-540-36400-5_3
15. Chakraborty, K., Sarkar, S., Maitra, S., Mazumdar, B., Mukhopadhyay, D., Prouff, E.: Redefining the transparency order. In: WCC 2015, 9th International Workshop on Coding and Cryptography (2015)
16. Fei, Y., Luo, Q., Ding, A.A.: A statistical model for DPA with novel algorithmic confusion analysis. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 233–250. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-33027-8_14
17. Fei, Y., Ding, A.A., Lao, J., Zhang, L.: A statistics-based success rate model for DPA and CPA. J. Cryptogr. Eng. 5(4), 227–243 (2015)
18. Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-01001-9_26
19. Gong, Z., Nikova, S., Law, Y.W.: KLEIN: a new family of lightweight block ciphers. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 1–18. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-25286-0_1
20. Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-74735-2_31
21. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: The Keccak reference. Submission to NIST (Round 3) (2011)
22. Andreeva, E., Bilgin, B., Bogdanov, A., Luykx, A., Mendel, F., Mennink, B., Mouha, N., Yasuda, K., Wang, Q.: PRIMATEs v1.02: CAESAR submission (September 2014)
23. Eiben, A.E., Smith, J.E.: Introduction to Evolutionary Computing. Springer, Berlin, Heidelberg, New York (2003)
24. Lerman, L., Markowitch, O., Veshchikov, N.: Comparing sboxes of ciphers from the perspective of side-channel attacks. In: 2016 IEEE Asian Hardware-Oriented Security and Trust (AsianHOST), pp. 1–6 (December 2016)
25. Lerman, L., Poussier, R., Bontempi, G., Markowitch, O., Standaert, F.-X.: Template attacks vs. machine learning revisited (and the curse of dimensionality in side-channel analysis). In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2015. LNCS, vol. 9064, pp. 20–33. Springer, Cham (2015). doi: 10.1007/978-3-319-21476-4_2
26. Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005). doi: 10.1007/11545262_3
27. Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-85053-3_27
28. Lerman, L., Bontempi, G., Markowitch, O.: Side channel attack: an approach based on machine learning. In: Second International Workshop on Constructive Side Channel Analysis and Secure Design (COSADE 2011), Center for Advanced Security Research Darmstadt, pp. 29–41 (2011)
29. Hospodar, G., Gierlichs, B., De Mulder, E., Verbauwhede, I., Vandewalle, J.: Machine learning in side-channel analysis: a first study. J. Cryptogr. Eng. 1(4), 293–302 (2011)
30. Lerman, L., Bontempi, G., Markowitch, O.: Power analysis attack: an approach based on machine learning. Int. J. Appl. Cryptogr. 3(2), 97–115 (2014)
31. Messerges, T.S.: Securing the AES finalists against power analysis attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001). doi: 10.1007/3-540-44706-7_11
32. Koblitz, N. (ed.): Advances in Cryptology – CRYPTO 1996, 16th Annual International Cryptology Conference, Santa Barbara, California, USA, 18–22 August 1996. LNCS, vol. 1109. Springer, Heidelberg (1996)

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

1. Quality and Security of Information Systems, Département d’Informatique, Université libre de Bruxelles, Brussels, Belgium
2. KU Leuven ESAT/COSIC and imec, Leuven-Heverlee, Belgium
