A DPA and HO-DPA Resistant Implementation of AES

Akkar proposed a transformed masking based implementation of AES (Advanced Encryption Standard) to prevent against power analysis attack. However, this countermeasure is not truly secure against first order differential power analysis. A thorough analysis of vulnerabilities for Akkar’s implementation is performed in this paper. Several possible first order and second order differential power analysis attacks to the countermeasure proposed by Akkar for AES are shown. Based on Akkar’s implementation, an improved countermeasure for AES is proposed. The key of the presented method is to make each intermediate result being masked by various random values to eliminate the vulnerabilities to power analysis attacks in the implementation of AES. When the random values are mutual independent and uniformly distributed, the presented method is proved to be secure against DPA (differential power analysis) and HO-DPA (high-order DPA). In this improved countermeasure, a large amount of uniformly distributed random values are required to mask all the intermediate results. So an efficient mechanism to generate the large amount of random values is also proposed. An AES coprocessor based on the presented countermeasure is implemented. And the experiment result shows that the proposed implementation achieves the provable security against power analysis attack with some extra cost of hardware complexity in comparison with other typical countermeasures.