| 摘要 |
Tables are defined to permit output masking for table look-ups to be carried out to resist power analysis attacks on cryptographic operations. A set of individually defined random values is used to mask each entry in a substitution table, defining a masked substitution table. A mask table is also defined such that the values of eac h entry, masked with the corresponding random value, is the value of a fixed mask. The maske d substitution tables and the mask tables may be used in cryptographic operations to permit the output of table look-ups to be masked, without directly using the fixed mask value in the computations of the cryptographic operations.
|
