Automatic Search of Threshold Implementations of 4-Bit S-Boxes Resisting DPA

• Published in: Chinese Journal of Electronics Vol. 26; no. 1; pp. 93 - 100
• Main Authors: Liu, Bozhong, Gong, Zheng, Qiu, Weidong
• Format: Journal Article
• Language: English
• Published: Published by the IET on behalf of the CIE 01.01.2017
• Subjects: automatic search process; cryptography; Differential power attacks; DPA; DPA resistance; first‐order differential power attack resistance; function decomposition; lightweight block ciphers; nonlinear function; substitution box; S‐box; S‐boxes; Threshold implementation; time complexity; time memory; Time memory trade‐off; 一阶差分; 搜索过程; 时间复杂度; 自动搜索; 阈值; 非线性函数; Time memory trade-off; Differential power attacks; Threshold implementation; S-box
• ISSN: 1022-4653; 2075-5597
• DOI: 10.1049/cje.2016.10.012

The threshold implementation method of Substitution box（S-box） has been proposed by Nikova et al. for resisting first-order Differential power attacks with glitches. To lower the time complexity for a threshold implementation of a specific non-linear function, one needs to decompose the function first and then search possible share methods for it. However, the time complexity for this search process is still non-trivial. In this paper, an effective method of searching threshold implementations of4-bit S-boxes is proposed. It mainly consists of two stages.For the decomposing stage, an efficient way of decomposing an S-box is introduced. For the sharing stage, the search complexity is lowered by the technique of time memory trade-off. As a result, threshold implementations of various lightweight block ciphers＇ S-boxes are given. Moreover, our method is applied to each 4-bit involutive S-box and some candidates of threshold implementations are presented.