Analysis of S-Box Hardware Resources to Improve AES Intrinsic Security Against Power Attacks

Abstract

Side-channel attacks (SCAs) have rendered Internet of Things (IoT)-based devices unsafe despite employing Advanced Encryption Standard (AES) as the cryptographic algorithm. Additional circuitry, called countermeasures, is used to protect AES against the attacks at the cost of huge area and power overheads. The attacks are performed on SubBytes round operation of AES, which comprises of 16 S-boxes. This letter makes a novel attempt to boost the intrinsic security of an unprotected AES by analyzing four smallest composite field arithmetic (CFA)-based S-boxes available in literature, Circuit Minimization Team (CMT), Canright, Maximov, and Masoleh with lookup table (LUT)-based S-box as a reference. This letter proposes an AES design which is unprotected but with enhanced security. The designer can aim higher security by adding smaller countermeasure protective schemes before incorporating into IoT devices. A novel 3-D hardware analysis, namely, hardware resources, hardware complexity/linearity, and hardware security, is performed which demonstrates that lesser gate equivalent (GE) and linear gates of Masoleh S-box offer the highest security. Upon evaluation on Side-Channel Attack Standard Evaluation Board (SASEBO), all the hardware security metrics favored Masoleh S-box, depicting nearly $94 \times $ gain in security and 80% reduction in area with respect to other unprotected designs.