论文部分内容阅读
Substitution boxes (S-Boxes) in advanced encryption standard (AES) are vulnerable to attacks bypower analysis.The general S-Boxes masking schemes in circuit level need to adjust the design flow andlibrary databases.The masking strategies in algorithm level view each S-Box as an independent moduleand mask them respectively,which are costly in size and power for non-linear characteristic of S-Boxes.The new method uses dynamic inhomogeneous S-Boxes instead of traditional homogeneous S-Boxes,andarranges the S-Boxes randomly.So the power and data path delay of substitution unit become unpre-dictable.The experimental results demonstrate that this scheme takes advantages of the circuit character-istics of various S-Box implementations to eliminate the correlation between crypto operation and power.Itneeds less extra circuits and suits resource constrained applications.
Substitution boxes (S-Boxes) in advanced encryption standard (AES) are vulnerable to attacks by power analysis. The general S-Boxes masking schemes in circuit level need to adjust the design flow and library database. The masking strategies in algorithm level view each S- Box as an independent module and mask them respectively, which are costly in size and power for non-linear characteristic of S-Boxes. The new method uses dynamic inhomogeneous S-boxes instead of traditional homogeneous S-Boxes, andarranges the S-Boxes randomly. So the power and data path delay of substitution unit become unpre-dictable. The experimental results demonstrate that this scheme takes advantages of the circuit character-istics of various S-Box implementations to eliminate the correlation between crypto operation and power. It is less extra circuits and suits resource constrained applications.