New Second-order Threshold Implementation of SM4 Block Cipher

Journal of Electronic Testing

Abstract

Since the SM4 block cipher became an ISO/IEC international encryption standard in June 2020, its security against side-channel analysis (SCA) has been highly valued by the academic community. Threshold implementation (TI) is a common countermeasure against SCA. However, a high-order TI scheme can be costly to implement. Improving the resistance of an SM4 implementation against high-order SCA without significantly increasing the cost is therefore an important task. In this article, a new second-order TI scheme for SM4 is proposed based on the tower field decomposition of the 8-bit inverter. In more detail, by performing the tower field decomposition twice in the SM4 S-box, the inversion and multiplication operations over the finite field are transformed into inversion and multiplication operations over the tower field, thus reducing the algebraic degree of the decomposed S-box from 7 to 2. Then, the design and implementation of our scheme with 3 shares is illustrated based on the decomposed S-box. Compared with the best-known TI of the SM4 S-box, our scheme uses a smaller number of register stages, and the circuit area of the S-box is reduced by 48.6%. The fresh randomness required in a single round operation is 96 bits. Moreover, both a second-order t-test with 10 million power traces and correlation power analysis are performed, verifying the second-order security of this scheme.
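The degree reduction the abstract describes, as an added example that is not the paper's code: a GF(2^8) inverter built by decomposing twice, GF(2^8) over GF(2^4) over GF(2^2), so that every remaining building block (subfield multiplication, subfield inversion) has algebraic degree at most 2 while the inverter as a whole has degree 7. The paper's bases and constants are not given on this page, so the irreducible polynomials below are my own choices, and the linear isomorphism to SM4's native GF(2^8) representation is omitted.

```python
# GF(2^2) = GF(2)[w]/(w^2 + w + 1); elements are 2-bit ints a = a1*w + a0.
def gf4_mul(a, b):
    a1, a0, b1, b0 = a >> 1, a & 1, b >> 1, b & 1
    hi = (a1 & b1) ^ (a1 & b0) ^ (a0 & b1)   # w^2 folds back into w + 1
    lo = (a0 & b0) ^ (a1 & b1)
    return (hi << 1) | lo

def gf4_inv(a):
    return gf4_mul(a, a)   # a^3 = 1 for a != 0, so a^-1 = a^2 (and 0 -> 0); linear

def make_tower(sub_mul, sub_inv, const, half_bits):
    """mul/inv for K = F[y]/(y^2 + y + const) over a subfield F whose elements
    are half_bits wide; a = a1*y + a0 is packed as (a1 << half_bits) | a0."""
    mask = (1 << half_bits) - 1

    def mul(a, b):
        a1, a0, b1, b0 = a >> half_bits, a & mask, b >> half_bits, b & mask
        a1b1 = sub_mul(a1, b1)
        hi = a1b1 ^ sub_mul(a1, b0) ^ sub_mul(a0, b1)   # y^2 = y + const
        lo = sub_mul(a0, b0) ^ sub_mul(const, a1b1)
        return (hi << half_bits) | lo

    def inv(a):
        a1, a0 = a >> half_bits, a & mask
        # conj(a) = a1*y + (a1 + a0); norm = a * conj(a) lies in the subfield,
        # so one subfield inversion plus two subfield multiplications give a^-1
        norm = sub_mul(const, sub_mul(a1, a1)) ^ sub_mul(a1, a0) ^ sub_mul(a0, a0)
        d = sub_inv(norm)
        return (sub_mul(a1, d) << half_bits) | sub_mul(a1 ^ a0, d)

    return mul, inv

# Constants chosen here, not taken from the paper: z^2 + z + w over GF(4) and
# y^2 + y + w*z over GF(16) are irreducible (absolute trace of the constant is 1).
gf16_mul, gf16_inv = make_tower(gf4_mul, gf4_inv, 0b10, 2)
gf256_mul, gf256_inv = make_tower(gf16_mul, gf16_inv, 0b1000, 4)

def algebraic_degree(f, n_in, n_out):
    """Max algebraic degree over all output bits of f: n_in bits -> n_out bits,
    found by Möbius-transforming each coordinate's truth table into its ANF."""
    best = 0
    for bit in range(n_out):
        t = [(f(x) >> bit) & 1 for x in range(1 << n_in)]
        for i in range(n_in):
            for x in range(1 << n_in):
                if x >> i & 1:
                    t[x] ^= t[x ^ (1 << i)]
        best = max([best] + [bin(x).count("1") for x in range(1 << n_in) if t[x]])
    return best

def inverse_is_consistent():   # inv(0) == 0 and a * inv(a) == 1 for all nonzero a
    return gf256_inv(0) == 0 and all(gf256_mul(a, gf256_inv(a)) == 1 for a in range(1, 256))
```

Running `algebraic_degree` on `gf256_inv` gives 7, on `gf16_inv` 3, on `gf4_inv` 1, and on either multiplication 2, which is why only the innermost level needs a nonlinear sharing.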


Data Availability

The datasets generated during and analyzed during the current study are available from the corresponding author on reasonable request.


Funding

This work is supported by the Innovation Research Team Project of Guangxi Natural Science Foundation (2019GXNSFGA245004), the National Natural Science Foundation of China (62062026 and 62162016) and the Guangxi Key Research and Development Program (Guike AB23026131).

Corresponding author

Correspondence to Bohua Wei.

Ethics declarations

Conflict of Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Additional information

Responsible Editor: S. Bhunia


About this article


Cite this article

Shao, T., Wei, B., Ou, Y. et al. New Second-order Threshold Implementation of SM4 Block Cipher. J Electron Test 39, 435–445 (2023). https://doi.org/10.1007/s10836-023-06076-5
