A deterministic blinding method for cipher algorithms that employ key -mixing and substitution (S -box) operations uses a masking table (MASK[0] to MASK [63] ) constructed with a true mask (MASK[0] ) and a plurality of dummy masks corresponding to every possible S-box input. Each mask is applied in the key -mixing operation (e.g., bitwise XOR) to the cipher key (K) or to round subkeys (K1 to K16) to generate true and dummy keys or subkeys that are applied to the data blocks (DATA) within the overall cipher algorithm or within individual cipher rounds. The mask values prevent side-channel statistical analyses from determining the true from the dummy keys or subkeys. The true mask is identifiable to the cipher but not by external observers.
申请公布号
WO2007102898(A2)
申请公布日期
2007.09.13
申请号
WO2006US61165
申请日期
2006.11.21
申请人
ATMEL CORPORATION;DUPAQUIS, VINCENT;DOUGUET, MICHEL