TY - GEN

T1 - Decomposing the Inverse of a Masked Vector in an Isomorphic Galois Field for Perfectly Masked S-Box

AU - Kodera, Yuta

AU - Taketa, Yuki

AU - Kusaka, Takuya

AU - Nogami, Yasuyuki

PY - 2019/11

Y1 - 2019/11

N2 - The growing use of machine learning (ML) has brought a new threat to cryptosystems: ML techniques are increasingly employed in side-channel attacks (SCA) to recover sensitive information. In this paper, the authors focus on the structure of a masked S-Box in AES that aims to provide SCA resistance even against ML-assisted attacks. More precisely, the paper analyzes the mathematical structure of the inverse operation over F_{(2^4)^2}, a field isomorphic to the AES field that yields efficient arithmetic, so that every function in the encryption scheme can operate directly on masked data. The structure is derived using mathematical tools such as Gauss periods and the Itoh-Tsujii inversion algorithm; as a result, the factors of the coefficients of A^{-1} for an element A in F_{(2^4)^2} are clarified. This makes it possible to generate the corresponding element directly, which allows the mask to be cancelled even after SubBytes has been processed.

KW - AES

KW - Gauss periods

KW - Itoh-Tsujii inversion algorithm

KW - isomorphic field F_{(2^4)^2}

KW - masked S-Box

UR - http://www.scopus.com/inward/record.url?scp=85078901341&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85078901341&partnerID=8YFLogxK

U2 - 10.1109/CANDAR.2019.00027

DO - 10.1109/CANDAR.2019.00027

M3 - Conference contribution

AN - SCOPUS:85078901341

T3 - Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019

SP - 157

EP - 163

BT - Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 7th International Symposium on Computing and Networking, CANDAR 2019

Y2 - 26 November 2019 through 29 November 2019

ER -
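The abstract above names the Itoh-Tsujii inversion in the tower field F_{(2^4)^2} as the tool behind the masked S-Box. The following is an added worked example, not code from the paper or its authors, and it does not reproduce the paper's own contribution (the Gauss-period analysis of the coefficients of A^{-1}). It builds GF(2^4) with the assumed reduction polynomial x^4 + x + 1 and the extension with the assumed irreducible y^2 + y + beta, beta = x^3 (0x8); elements are pairs (a1, a0) meaning a1*y + a0. It then computes A^{-1} = A^16 * (A^17)^{-1}, where A^17 is the norm and lies in the subfield, and shows the two facts a masking designer needs: a Boolean (additive) mask does not pass through inversion, while a multiplicative mask does, at the price of leaving zero unmasked.

```python
"""Itoh-Tsujii inversion over F_{(2^4)^2} and its interaction with masks (worked example)."""

GF16_POLY = 0b10011  # x^4 + x + 1: assumed reduction polynomial for GF(2^4)
BETA = 0x8           # assumed: y^2 + y + BETA defines F_{(2^4)^2}; irreducible because Tr(BETA) = 1
Q = 16               # size of the subfield GF(2^4)
ONE = (0, 1)         # multiplicative identity of the tower field


def gf16_mul(a: int, b: int) -> int:
    """Multiply two 4-bit elements of GF(2^4) by shift-and-add, reducing modulo GF16_POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x10:
            a ^= GF16_POLY
    return r


def gf16_inv(a: int) -> int:
    """Invert a nonzero element of GF(2^4): a^(-1) = a^14 since a^15 = 1 in GF(2^4)*."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^4)")
    r = 1
    for _ in range(14):
        r = gf16_mul(r, a)
    return r


def ext_is_irreducible() -> bool:
    """y^2 + y + BETA has no root in GF(2^4), so the quotient is a field (sanity check on the assumption)."""
    return all(gf16_mul(y, y) ^ y ^ BETA != 0 for y in range(Q))


def ext_mul(a, b):
    """Multiply (a1*y + a0)(b1*y + b0) in the tower field using y^2 = y + BETA."""
    a1, a0 = a
    b1, b0 = b
    hi = gf16_mul(a1, b1) ^ gf16_mul(a1, b0) ^ gf16_mul(a0, b1)
    lo = gf16_mul(a0, b0) ^ gf16_mul(BETA, gf16_mul(a1, b1))
    return (hi, lo)


def ext_frobenius(a):
    """A^16 (the conjugate). The other root of y^2 + y + BETA is y + 1, so (a1*y + a0)^16 = a1*y + (a0 ^ a1)."""
    a1, a0 = a
    return (a1, a0 ^ a1)


def ext_inv_itoh_tsujii(a):
    """Itoh-Tsujii: A^(-1) = A^16 * (A^17)^(-1). A^17 = A * A^16 is the norm and lies in GF(2^4),
    so the only inversion needed is in the 16-element subfield."""
    if a == (0, 0):
        raise ZeroDivisionError("0 has no inverse in F_{(2^4)^2}")
    conj = ext_frobenius(a)
    norm_hi, norm_lo = ext_mul(a, conj)
    assert norm_hi == 0, "norm must have no y-component"
    n_inv = gf16_inv(norm_lo)
    return (gf16_mul(conj[0], n_inv), gf16_mul(conj[1], n_inv))


def nonzero_elements():
    return [(a1, a0) for a1 in range(Q) for a0 in range(Q) if (a1, a0) != (0, 0)]


def check_inversion() -> bool:
    """A * A^(-1) == 1 for every nonzero A in the tower field."""
    return all(ext_mul(a, ext_inv_itoh_tsujii(a)) == ONE for a in nonzero_elements())


def additive_mask_failures():
    """Count pairs (A, M), with A, M, A^M nonzero, where inv(A ^ M) != inv(A) ^ inv(M).
    Returns (failures, total): a Boolean mask is not carried through the inverse as-is."""
    inv = {a: ext_inv_itoh_tsujii(a) for a in nonzero_elements()}
    failures = total = 0
    for a in inv:
        for m in inv:
            masked = (a[0] ^ m[0], a[1] ^ m[1])
            if masked == (0, 0):
                continue
            total += 1
            if inv[masked] != (inv[a][0] ^ inv[m][0], inv[a][1] ^ inv[m][1]):
                failures += 1
    return failures, total


def multiplicative_mask_commutes() -> bool:
    """inv(A * M) == inv(A) * inv(M) for all nonzero A, M: a multiplicative mask survives inversion."""
    inv = {a: ext_inv_itoh_tsujii(a) for a in nonzero_elements()}
    return all(inv[ext_mul(a, m)] == ext_mul(inv[a], inv[m]) for a in inv for m in inv)


def zero_is_unmasked() -> bool:
    """The known caveat of multiplicative masking: 0 * M == 0 for every M, so A = 0 is never hidden."""
    return all(ext_mul((0, 0), m) == (0, 0) for m in nonzero_elements())
```

Run `check_inversion()` first; it confirms the tower-field arithmetic under the stated polynomial choices before any masking conclusion is drawn. The paper's approach, as the abstract describes it, keeps Boolean-masked data usable through SubBytes by exploiting the structure of the coefficients of A^{-1}, which is exactly the gap `additive_mask_failures()` exposes for a naive implementation.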