|![[Search]](https://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](https://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](https://talks.cam.ac.uk/images/contact.gif?1209136071)
||![[University of Cambridge]](https://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small} |
COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring. | ![[Talks.cam]](https://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071) |
University of Cambridge > Talks.cam > Computer Laboratory Security Group meeting presentations > Side-Channel Attack Resistant ROM-Based AES S-Box
Side-Channel Attack Resistant ROM-Based AES S-BoxAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Sergei Skorobogatov. One of the most popular encryption algorithms in use today is the Advanced Encryption Standard (AES). A repeated function within the algorithm that dominates the area and delay of AES implementations is the Substitution Box (S-Box) that performs a byte-wise substitution on the data based on an established code book. Most AES algorithm implementations use a large complex logic block consisting mainly of XORs to implement the S-Box. Direct implementation of the S-Box with a read-only memory (ROM) look-up table (LUT) has been eschewed due to difficulty in pipelining the structure, hence restricting the throughput. However, we present a custom ROM -based S-Box implementation that can achieve comparable throughput to logic-based implementations, yet is smaller in both area and power. Additionally, the symmetrical nature of the ROM is well suited towards maintaining power consumption un-correlated to data, which is key to defeating a common side-channel attack, differential power analysis (DPA). In comparison, DPA -resistant logic typically requires a 3—4x penalty in power, area, and performance. Our design can sustain a throughput of 6.15 Gbps while using 2x less area than a modern standard cell implementation in a 90 nm process, while significantly reducing data-dependent power consumption. This talk is part of the Computer Laboratory Security Group meeting presentations series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsMini Courses in Theoretical Computer Science Cambridge Centre for Climate Science Enterprise Tuesday 2012/2013Other talksSingle Cell Seminars (August) Development of a Broadly-Neutralising Vaccine against Blood-Stage P. falciparum Malaria Climate Change: Engaging Youth Vest up! Working with St John's Medical Response Team Stopping the Biological Clock – The Lazarus factor and Pulling Life back from the Edge. Inferring the Evolutionary History of Cancers: Statistical Methods and Applications Immigration and Freedom The Partition of India and Migration The Rise of Augmented Intelligence in Edge Networks Vision Journal Club: feedforward vs back in figure ground segmentation |
Friday 30 July 2010, 16:00-16:30