A New Type of Countermeasure against DPA in Multi-Sbox of Block Cipher

Abstract EN

The Internet of Things (IoT) provides the network for physical devices, like home appliances, embedded with electronics, sensors, and software, to share and exchange data.

With its fast development, security of IoT has become a crucial problem.

Among the methods of attack, side-channel attack has proven to be an effective tool to compromise the security of different devices with improving techniques of data processing, like DPA and CPA.

Meanwhile, many countermeasures have risen accordingly as well, such as masking and noise addition.

However, their common deficiency was that every single countermeasure might not be able to protect the key information completely after statistical analysis.

Sensitive information will be disclosed during differential power analysis of Sbox, since it is the only nonlinear component in block cipher.

Thus, how to protect Sbox effectively was the highlight of researches.

Based on Sbox-reuse concept proposed by Bilgin, this paper put forward a new type of a countermeasure scheme against DPA in multi-Sbox of block cipher.

We first converted the multi-Sbox into 4 × 4 permutations and then reused permutation with the algebraic degree of more than one so as to turn it into a special reusable Sbox and then numbered 4 × 4 permutation input.

Finally, we made these inputs of permutations completely random by masking.

Since it was necessary to make the collected power consumption curve subject to alignment process in DPA by chosen-plaintext attack, this scheme combined the concept from DPA countermeasures of masking and noise addition.

After the experiment with the proposed implementation, successful prevention of the attacker from accurately aligning the power consumption curve of the target Sbox has been proven, and the level of security has been improved by adding more random noise to protect key information and decrease the accuracy of statistical analysis.