A comprehensive analysis of performance and side-channel-leakage of AES SBOX implementations in embedded software

WESS '10 Pub Date : 2010-10-24 DOI:10.1145/1873548.1873553

A. Sinha, Zhimin Chen, P. Schaumont

{"title":"A comprehensive analysis of performance and side-channel-leakage of AES SBOX implementations in embedded software","authors":"A. Sinha, Zhimin Chen, P. Schaumont","doi":"10.1145/1873548.1873553","DOIUrl":null,"url":null,"abstract":"The Advanced Encryption Standard is used in almost every new embedded application that needs a symmetric-key cipher. In such embedded applications, high-performance as well as resistance against implementation attacks is mandatory. In this paper, we compare and contrast three different software implementations of AES. The first two are based on cryptographic lookup tables, while the third uses bit-slicing. We analyze the performance and side-channel resistance of each implementation on two different FPGA platforms, one based on a PowerPC processor, and the second based on a LEON-3 soft-core processor. Our measurements show that, on embedded platforms, a bit-sliced AES implementation does not always outperform a lookup-table based AES implementation. We also present a detailed analysis of the side-channel resistance and the source of side-channel leakage, and show that our bit-sliced implementation has eight times more side-channel leakage than the lookup-table implementations. Hence, we conclude that a variation on the implementation style for embedded software implementation of AES will not only affect performance, but also embedded system security.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"232 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"WESS '10","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1873548.1873553","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

The Advanced Encryption Standard is used in almost every new embedded application that needs a symmetric-key cipher. In such embedded applications, high-performance as well as resistance against implementation attacks is mandatory. In this paper, we compare and contrast three different software implementations of AES. The first two are based on cryptographic lookup tables, while the third uses bit-slicing. We analyze the performance and side-channel resistance of each implementation on two different FPGA platforms, one based on a PowerPC processor, and the second based on a LEON-3 soft-core processor. Our measurements show that, on embedded platforms, a bit-sliced AES implementation does not always outperform a lookup-table based AES implementation. We also present a detailed analysis of the side-channel resistance and the source of side-channel leakage, and show that our bit-sliced implementation has eight times more side-channel leakage than the lookup-table implementations. Hence, we conclude that a variation on the implementation style for embedded software implementation of AES will not only affect performance, but also embedded system security.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

综合分析了嵌入式软件中AES SBOX实现的性能和侧信道泄漏

高级加密标准几乎用于所有需要对称密钥密码的新型嵌入式应用程序。在这样的嵌入式应用程序中，高性能和抗实现攻击是必须的。在本文中，我们比较和对比了三种不同的AES软件实现。前两个基于加密查找表，而第三个使用位切片。我们在两种不同的FPGA平台上分析了每种实现的性能和侧通道电阻，一种基于PowerPC处理器，另一种基于LEON-3软核处理器。我们的测量表明，在嵌入式平台上，位切片AES实现并不总是优于基于查询表的AES实现。我们还详细分析了侧通道电阻和侧通道泄漏的来源，并表明我们的位切片实现比查找表实现的侧通道泄漏多8倍。因此，我们得出结论，嵌入式软件实现AES的实现风格的变化不仅会影响性能，还会影响嵌入式系统的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

WESS '10

自引率

0.00%

发文量