Secure multiple SBoxes implementation with arithmetically masked input

Abstract

The building blocks of several block ciphers involve arithmetic operations, bitwise operations and non-linear functions given as SBoxes. In the context of implementations secure against Side Channel Analysis, these operations shall not leak information on secret data. To this end, masking is a widely used protection technique. Propagating the masks through non-linear functions is a necessary task to achieve a sound and secure masked implementation. This paper describes an efficient method to securely access N SBoxes when the N inputs are encoded as a single word arithmetically masked. This problematic arises for instance in a secure implementation of the standard block ciphers GOST or SEED. A method using state of the art algorithms would be to first perform an arithmetic to boolean mask conversion before independently accessing the N SBoxes. Compared to this method, the algorithm proposed in this paper needs less code, less random generation and no extra memory. This makes our algorithm particularly suitable for very constrained devices. As a proof of concept, we compare an implementation in 8051 assembly language of our algorithm to the existing solutions. © 2013 Springer-Verlag.