DPA on hardware implementations of Ascon and Keyak

Samwel, Niels; Daemen, Joan

doi:10.1145/3075564.3079067

Cited by 23 publications

(15 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Next, we give a list of papers that either evaluate the side-channel and fault resistance of Ascon or elaborate protection mechanisms against side-channel and fault attacks [4,7,12,[28][29][30]50,51,55,60,68,[77][78][79]83].…”

Section: Implementation Security and Robustnessmentioning

confidence: 99%

Ascon v1.2: Lightweight Authenticated Encryption and Hashing

et al. 2021

View full text Add to dashboard Cite

Authenticated encryption satisfies the basic need for authenticity and confidentiality in our information infrastructure. In this paper, we provide the specification of Ascon-128 and Ascon-128a. Both authenticated encryption algorithms provide efficient authenticated encryption on resource-constrained devices and on high-end CPUs. Furthermore, they have been selected as the “primary choice” for lightweight authenticated encryption in the final portfolio of the CAESAR competition. In addition, we specify the hash function Ascon-Hash, and the extendable output function Ascon-Xof. Moreover, we complement the specification by providing a detailed overview of existing cryptanalysis and implementation results.

show abstract

Section: Implementation Security and Robustnessmentioning

confidence: 99%

Ascon v1.2: Lightweight Authenticated Encryption and Hashing

et al. 2021

View full text Add to dashboard Cite

show abstract

“…Cette première estimation de consommation permettra d'effectuer par la suite la caractérisation sécuritaire du circuit. Il est envisageable d'utiliser les courbes de consommation produites par PrimeTime pour réaliser des attaques par canaux cachés telles que l'analyse différentielle de la consommation (9). La figure 5 permet de mettre en évidence la différence de consommation pour 3 chiffrements différents qu'il est possible d'exploiter pour retrouver la clé secrète.…”

Section: Estimation De Consommationunclassified

Implémentation matérielle d’un algorithme de cryptographie légère pour objets connectés

Roussel

Potin

Rigaud

et al. 2022

J3eA

View full text Add to dashboard Cite

Le monde de la microélectronique a fait place à l’internet des objets (IoT). Ces objets étant de plus en plus connectés et nomades, ils ont d’abord été conçus avec des fortes contraintes de consommation. Cependant, de récentes attaques ont démontré leur vulnérabilité et la sécurité est devenue une contrainte majeure. Pour répondre à cette problématique, le projet ANR MISTRAL propose de réaliser une implémentation matérielle d’algorithme de cryptographie légère (LWC) en associant CMOS et MRAM. Cet article présente une implémentation pure CMOS d’ASCON, un algorithme de cryptographie légère finaliste du concours du NIST. Cette implémentation servira de référence pour une future implémentation hybride de l’algorithme.

show abstract

“…His new mechanism called "Changing of the Guards" can construct uniform TI for the entire layer of bijective S-boxes. This method was later applied to AES [WM18], KETJE [ANR19], ASCON and Keyac [SD17] to achieve uniformity in first-order secure designs.…”

Section: Related Workmentioning

confidence: 99%

Low-Latency Keccak at any Arbitrary Order

Zarei¹,

Shahmirzadi²,

Soleimany³

et al. 2021

TCHES

View full text Add to dashboard Cite

Correct application of masking on hardware implementation of cryptographic primitives necessitates the instantiation of registers in order to achieve the non-completeness (commonly said to stop the propagation of glitches). This sometimes leads to a high latency overhead, making the implementation not necessarily suitable for the underlying application. As a concrete example, this holds for Keccak. Application of d + 1 Domain Oriented Masking (DOM) on a round-based implementation of Keccak leads to the introduction of two register stages per round, i.e., two times higher latency. On the other hand, Rhythmic-Keccak, introduced in CHES 2018, unrolls two rounds to half the latency compared to an unprotected ordinary round-based implementation. To that end, td + 1 masking is used which requires a notable area, and – apart from the difficulty to construct – its extension to higher orders seems beyond the bounds of feasibility.In this paper, we focus on d + 1 masking and introduce a methodology which enables us to stay with the latency of an unprotected round-based implementation, i.e., one register stage per round. While being secure under glitch-extended probing model, we provide a general design where the desired security order can be easily adjusted without any effect on the above-given latency. Compared to the Rhythmic-Keccak, the synthesis results show that our first-order design is able to accomplish the entire operations of Keccak-f[200] in the same period of time while decreasing the area by 74.5%. Notably, our implementations achieve around 30% less delay compared to the corresponding original DOM-Keccak designs.

show abstract

DPA on hardware implementations of Ascon and Keyak

Cited by 23 publications

References 15 publications

Ascon v1.2: Lightweight Authenticated Encryption and Hashing

Ascon v1.2: Lightweight Authenticated Encryption and Hashing

Implémentation matérielle d’un algorithme de cryptographie légère pour objets connectés

Low-Latency Keccak at any Arbitrary Order

Contact Info

Product

Resources

About