Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches

C. Paar (Editor), S.I. Nikova, Vincent Rijmen, J.J. Quisquater (Editor), B. Sunar (Editor), Martin Schläffer

    Research output: Contribution to journalArticleAcademicpeer-review

    242 Citations (Scopus)
    27 Downloads (Pure)


    Hardware implementations of cryptographic algorithms are vulnerable to side-channel attacks. Side-channel attacks that are based on multiple measurements of the same operation can be countered by employing masking techniques. Many protection measures depart from an idealized hardware model that is very expensive to meet with real hardware. In particular, the presence of glitches causes many masking techniques to leak information during the computation of nonlinear functions. We discuss a recently introduced masking method which is based on secret sharing and multi-party computation methods. The approach results in implementations that are provably resistant against a wide range of attacks, while making only minimal assumptions on the hardware. We show how to use this method to derive secure implementations of some nonlinear building blocks for cryptographic algorithms. Finally, we provide a provable secure implementation of the block cipher Noekeon and verify the results by means of low-level simulations.
    Original languageUndefined
    Pages (from-to)292-321
    Number of pages27
    JournalJournal of cryptology
    Issue number2
    Publication statusPublished - 2011


    • SCS-Cybersecurity
    • EWI-15293
    • DPA - Masking - Glitches - Sharing - Nonlinear functions - S-box - Noekeon
    • IR-75135
    • METIS-278689

    Cite this