Methods of securing a cryptographic device against implementation attacks, are described. A disclosed method comprises the steps of obtaining a key (230) from memory of the cryptographic device; providing the key and a constant input (210) to an encryption module (240); deriving an output (250) of encrypted data bits using the encryption module (240); providing the output (250), the key (230) and an input vector (270) to a key update module (260); and using said key update module (260) to modify the key based on at least a part (270a) of the input vector (270) to derive an updated key (230a). This prevents the value of the key from being derived using the updated key or by using side-channel attacks because the input is constant for all keys. Additionally, by altering the input vector, the updated key is also altered.