A Grain in the Silicon: SCA-Protected AES in Less than 30 Slices
Pascal Sasdrich, Tim Güneysu
27th Annual IEEE International Conference on Application-specific Systems, Architectures and Processors, ASAP 2016, London, United Kingdom, July 6-8 2016, to appear
AES is the predominant block cipher used worldwide in many cryptographic applications. Despite of the wealth of already available implementations, we here introduce an ultra-lightweight AES-128 implementation specifically tailored for reconfigurable hardware. Our basic proposal presents a full AES-128 providing 9.12 Mbit/s throughput and occupying just 21 slices of a Spartan-6 and no additional memories. We also show that this architecture almost inherently supports shuffling as side-channel countermeasure and provide results of a practical evaluation. Our protected design fits into 24 slices providing 7.82 Mbit/s throughput. Finally, we present a complete AES core that combines previous results with random number generation which fits 28 slices at 4.35 Mbit/s throughput.