First of all love the CW-lite! Awesome framework/tool that makes SCA accessible to the rest of us.
After looking at the attack a bit it appears to me (the crypto naiive) that SCA resistant AES should be possible by cancelling out any hamming weight changes. For instance to prevent the attack on subBytes:
- Align sbox table on 256 byte boundary.
- Interleave sbox with sbox’ where: sbox’[ i ] = sbox[ i ] ^ (address(sbox[ i ]) & 0xff) ^ 0xff
- In the sub bytes step fetch 16bit entries instead of 8 bit entries.
I understand there may be other places the key leaks and I intend to test this myself when I have cycles but just wanted to run it by the community to see if I’m missing something… I think an SCA resistant AES library along with SRAM based PUF for commodity cortex-M hardware could be a compelling solution.