SCA resistant AES implementation

tinylabs · January 4, 2019, 4:12pm

First of all love the CW-lite! Awesome framework/tool that makes SCA accessible to the rest of us.

After looking at the attack a bit it appears to me (the crypto naiive) that SCA resistant AES should be possible by cancelling out any hamming weight changes. For instance to prevent the attack on subBytes:

Align sbox table on 256 byte boundary.
Interleave sbox with sbox’ where: sbox’[ i ] = sbox[ i ] ^ (address(sbox[ i ]) & 0xff) ^ 0xff
In the sub bytes step fetch 16bit entries instead of 8 bit entries.

I understand there may be other places the key leaks and I intend to test this myself when I have cycles but just wanted to run it by the community to see if I’m missing something… I think an SCA resistant AES library along with SRAM based PUF for commodity cortex-M hardware could be a compelling solution.

Best,
Elliot

jpthibault · February 21, 2019, 3:02pm

Hi Elliot,

By all means try it and report back your findings, but I see a couple of issues: first, ensure the compiler doesn’t optimize out sbox’[i]; second, and harder to surmount, is that sbox[i] will be used to encrypt while sbox’[i] won’t, so it will have a different datapath which will lead to power differences. Masking power is devilishly hard in practice, but don’t let that discourage you from trying

tinylabs · February 21, 2019, 5:14pm

Appreciate the response! That will be useful guidance when I have a chance to implement. My plan was to implement the AES algorithm in thumb2 assembly to prevent any compiler perversions of my intentions. Hopefully some crypto yoda types on these forums can tear apart my implementation to see where I went wrong. I’ll make sure it runs on the CW308T-STM32F. Standby.