DPA-Resistant Finite Field Multipliers and Secure AES Design

  • Yoo-Jin Baek
  • Mi-Jung Noh
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3903)


The masking method is known to be one of the most powerful algorithmic countermeasures against the first-order differential power attack. This article proposes several new efficient masking algorithms applicable to finite field multipliers. Note that the finite field multiplier (more precisely, the finite field inversion) plays a crucial role in the confusion layer of many block ciphers including AES. The new algorithms are applied to implement AES DPA-securely in hardware and the detailed implementation results are presented.


Smart Card Block Cipher Advance Encryption Standard Cryptographic Operation Cryptology ePrint Archive 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    National Institute of Standards and Technology, Federal Information Processing Standards Publication 197, Anouncing the Advanced Encryption Standard(AES), (2001), Available at
  2. 2.
    Akkar, M., Giraud, C.: An Implementation of DES and AES, Secure against Some Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Goli´c, J., Menicocci, R.: Universal Masking on Logic Gate Level. Electronics Letters 40(9), 526–527 (2004)CrossRefGoogle Scholar
  4. 4.
    Golić, J., Tymen, C.: Multiplicative Masking and Power Analysis of AES. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 198–212. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  6. 6.
    Messerges, T.: Securing the AES Finalists against Power Analysis Attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–165. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Messerges, T.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  8. 8.
    Mangard, S., Popp, T., Gammel, B.: Side-Channel Leakage of Masked CMOS Gates. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351–365. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Oswald, E., Mangard, S., Pramstaller, N.: Secure and Efficient Masking of AES - A Mission Impossible?, Cryptology ePrint Archive, Report 2004/134, (2004), Available at
  10. 10.
    Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A Side-Channel Analysis Resistant Description of the AES S-box. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 413–423. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Samsung smart-card library (smart130)Google Scholar
  12. 12.
    Satoh, A., Morioka, S., Takano, K., Munetoh, S.: A Compact Rijndael Hardware Architecture with S-Box Optimization. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 239–254. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  13. 13.
    Trichina, E.: Combinational Logic Design for AES Subbyte Transformation on Masked Data, Cryptology ePrint Archive, Report 2003/236, (2003), Available at
  14. 14.
    Trichina, E., de Seta, D., Germani, L.: Simplified Adaptive Multiplicative Masking for AES and Its Secure Implementation. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 187–197. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Yoo-Jin Baek
    • 1
  • Mi-Jung Noh
    • 1
  1. 1.System SW Lab., Samsung Electronics Co.YonginKorea

Personalised recommendations