|![[Search]](https://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](https://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](https://talks.cam.ac.uk/images/contact.gif?1209136071)
||![[University of Cambridge]](https://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small} |
COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring. | ![[Talks.cam]](https://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071) |
University of Cambridge > Talks.cam > Computer Laboratory Security Group meeting presentations > Side-Channel Attack Resistant ROM-Based AES S-Box
Side-Channel Attack Resistant ROM-Based AES S-BoxAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Sergei Skorobogatov. This talk has been canceled/deleted One of the most popular encryption algorithms in use today is the Advanced Encryption Standard (AES). A repeated function within the algorithm that dominates the area and delay of AES implementations is the Substitution Box (S-Box) that performs a byte-wise substitution on the data based on an established code book. Most AES algorithm implementations use a large complex logic block consisting mainly of XORs to implement the S-Box. Direct implementation of the S-Box with a read-only memory (ROM) look-up table (LUT) has been eschewed due to difficulty in pipelining the structure, hence restricting the throughput. However, we present a custom ROM -based S-Box implementation that can achieve comparable throughput to logic-based implementations, yet is smaller in both area and power. Additionally, the symmetrical nature of the ROM is well suited towards maintaining power consumption un-correlated to data, which is key to defeating a common side-channel attack, differential power analysis (DPA). In comparison, DPA -resistant logic typically requires a 3—4x penalty in power, area, and performance. Our design can sustain a throughput of 6.15 Gbps while using 2x less area than a modern standard cell implementation in a 90 nm process, while significantly reducing data-dependent power consumption. This talk is part of the Computer Laboratory Security Group meeting presentations series. This talk is included in these lists:This talk is not included in any other list Note that ex-directory lists are not shown. |
Other listsJunior Mirror Symmetry Seminars Centre of African Studies Michaelmas Seminars Physics and Chemistry of Solids GroupOther talksInvestigating the Functional Anatomy of Motion Processing Pathways in the Human Brain Symbolic AI in Computational Biology; applications to disease gene and drug target identification Anthropological engineering and hominin dietary ecology Repetitive Behavior and Restricted Interests: Developmental, Genetic, and Neural Correlates Plants of the Richtersveld Bringing Personality Theory Back to Life: On Persons-in-Context, Idiographic Strategies, and Lazarus Discovering regulators of insulin output with flies and human islets: implications for diabetes and pancreas cancer Scale and anisotropic effects in necking of metallic tensile specimens Coin Betting for Backprop without Learning Rates and More Stereodivergent Catalysis, Strategies and Tactics Towards Secondary Metabolites as enabling tools for the Study of Natural Products Biology Graded linearisations for linear algebraic group actions |
Friday 30 July 2010, 16:00-17:00