A Low-Overhead Countermeasure against Differential Power Analysis for AES Block Cipher.

This paper presents the employment of a DPA attack on the NIST (National Institute of Standards and Technology) standardized AES (advance encryption standard) protocol for key retrieval and prevention. Towards key retrieval, we applied the DPA attack on AES to obtain a 128-bit secret key by measuring the power traces of the computations involved in the algorithm. In resistance to the DPA attack, we proposed a countermeasure, or a new modified masking scheme, comprising (i) Boolean and (ii) multiplicative masking, for linear and non-linear operations of AES, respectively. Furthermore, we improved the complexity involved in Boolean masking by introducing Rebecca's approximation. Moreover, we provide a novel solution to tackle the zero mask problem in multiplicative masking. To evaluate the power traces, we propose our custom correlation technique, which results in a decrease in the calculation time. The synthesis results for original implementation (without countermeasure) and inclusion of countermeasure are given on a Zynq 7020 FPGA (Artix-7 device). It takes 424 FPGA slices when implemented without considering the countermeasure, whereas 714 slices are required to implement AES with the inclusion of the proposed countermeasure. Consequently, the implementation results provide the acceptability of this work for area-constrained applications that require prevention against DPA attacks. [ABSTRACT FROM AUTHOR]