Hi,
I was wondering if there exists some form of de-facto baseline AES FPGA design that is used as a reference for comparison with other implementations, e.g. when implementing various SCA-resistant mechanisms. Are the CW FPGA implementations (for Spartan 6 on the CW308 and Artix 7 on the CW305 boards) completely in-house implementations, or are they adapted from a particular source?
Thanks!
Not that I’m aware of.
Our reference implementation is a straightforward AES implementation with no SCA resistance, one round per clock cycle, using look-up tables for the sboxes.
I think it can be considered a good baseline against which one can compare other implementations with side-channel countermeasures, but there is no widely-accepted baseline that I’m aware of.
The AES code itself comes from here: orp/hardware/mselSoC/src/systems/geophyte/rtl/verilog/crypto_aes/rtl/verilog at master · ProjectVault/orp · GitHub
which I think was for this Google “Project Vault”:
Thank you! Btw, whilst on the topic, are Sbox implementations through look-up tables known to leak more information than other implementations?
I have no idea! My knowledge of different s-box implementations is limited to their optimization for size or speed. Typically, look-up table implementations are faster but larger – except on FPGAs, since FPGAs typically have lots of LUTs available “for free”.
Jean-Pierre