论文部分内容阅读
Substitution boxes (S-Boxes) in advanced encryption standard (AES) are vulnerable to attacks by power analysis. The general S-Boxes masking schemes in circuit level need to adjust the design flow and library databases. The masking strategies in algorithm level view each S-Box as an independent module and mask them respectively, which are costly in size and power for non-linear characteristic of S-Boxes. The new method uses dynamic inhomogeneous S-Boxes instead of traditional homogeneous S-Boxes, and arranges the S-Boxes randomly. So the power and data path delay of substitution unit become unpredictable. The experimental results demonstrate that this scheme takes advantages of the circuit characteristics of various S-Box implementations to eliminate the correlation between crypto operation and power. It needs less extra circuits and suits resource constrained applications.