Sciweavers

CHES
2005
Springer

Successfully Attacking Masked AES Hardware Implementations

14 years 6 months ago
Successfully Attacking Masked AES Hardware Implementations
During the last years, several masking schemes for AES have been proposed to secure hardware implementations against DPA attacks. In order to investigate the effectiveness of these countermeasures in practice, we have designed and manufactured an ASIC. The chip features an unmasked and two masked AES-128 encryption engines that can be attacked independently. In addition to conventional DPA attacks on the output of registers, we have also mounted attacks on the output of logic gates. Based on simulations and physical measurements we show that the unmasked and masked implementations leak side-channel information due to glitches at the output of logic gates. It turns out that masking the AES S-Boxes does not prevent DPA attacks, if glitches occur in the circuit.
Stefan Mangard, Norbert Pramstaller, Elisabeth Osw
Added 26 Jun 2010
Updated 26 Jun 2010
Type Conference
Year 2005
Where CHES
Authors Stefan Mangard, Norbert Pramstaller, Elisabeth Oswald
Comments (0)