Block Ciphers that are Easier to Mask: How Far Can we Go?

Abstract : The design and analysis of lightweight block ciphers has been a very active research area over the last couple of years, with many innovative proposals trying to optimize di erent performance gures. However, since these block ciphers are dedicated to low-cost embedded devices, their implementation is also a typical target for side-channel adversaries. As preventing such attacks with countermeasures usually implies signi cant performance overheads, a natural open problem is to propose new algorithms for which physical security is considered as an optimization criteria, hence allowing better performances again. We tackle this problem by studying how much we can tweak standard block ciphers such as the AES Rijndael in order to allow e cient masking (that is one of the most frequently considered solutions to improve security against side-channel attacks). For this purpose, we rst investigate alternative S- boxes and round structures. We show that both approaches can be used separately in order to limit the total number of non-linear operations in the block cipher, hence allowing more e cient masking. We then combine these ideas into a concrete instance of block cipher called Zorro. We further provide a detailed security analysis of this new cipher taking its design speci cities into account, leading us to exploit innovative techniques borrowed from hash function cryptanalysis (that are sometimes of independent interest). Eventually, we conclude the paper by evaluating the e ciency of masked Zorro implementations in an 8-bit microcontroller, and exhibit their interesting performance gures.
Document type :
Conference papers
Complete list of metadatas

Cited literature [55 references]  Display  Hide  Download

https://hal.inria.fr/hal-00907727
Contributor : María Naya-Plasencia <>
Submitted on : Thursday, November 21, 2013 - 4:19:25 PM
Last modification on : Friday, May 25, 2018 - 12:02:05 PM
Long-term archiving on: Saturday, February 22, 2014 - 4:41:36 AM

File

369.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-00907727, version 1

Collections

Citation

Benoît Gérard, Vincent Grosso, María Naya-Plasencia, François-Xavier Standaert. Block Ciphers that are Easier to Mask: How Far Can we Go?. Cryptographic Hardware and Embedded Systems - CHES 2013, Aug 2013, Santa Barbara, United States. pp.383-399. ⟨hal-00907727⟩

Share

Metrics

Record views

573

Files downloads

404