公开(公告)号：US10210776B2

公开(公告)日：2019-02-19

申请号：US15046069

申请日：2016-02-17

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Nicolas Bruneau

IPC: H04L9/00 ,  H04L9/06 ,  G09C1/00

Abstract: A method of protecting a Rijndael-type algorithm executed by an electronic circuit against side channel attacks, wherein: each block of data to be encrypted or to be decrypted is masked with a first mask before a non-linear block substitution operation is applied based on a substitution box, and is then unmasked with a second mask after the substitution; and the substitution box is recalculated, block by block, before the non-linear operation is applied, the processing order of the blocks of the substitution box being submitted to a random permutation, commutative with the non-linear substitution operation.

公开(公告)号：US10243728B2

公开(公告)日：2019-03-26

申请号：US15046092

申请日：2016-02-17

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Nicolas Bruneau

IPC: H04L29/06 ,  H04L9/00 ,  H04L9/06 ,  G09C1/00

Abstract: A method of verifying the sensitivity of an electronic circuit executing a Rijndael-type algorithm to side channel attacks, wherein: each block of data to be encrypted or to be decrypted is masked with a first mask before a non-linear block substitution operation is applied based on a substitution box, and is then unmasked with a second mask after the substitution; the substitution box is recalculated, block by block, before the non-linear operation is applied, the processing order of the blocks of the substitution box being submitted to a permutation; and a side channel attack is performed on the steps of recalculating, block by block, the substitution box.

公开(公告)号：US10187198B2

公开(公告)日：2019-01-22

申请号：US15046114

申请日：2016-02-17

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Nicolas Bruneau

IPC: H04L9/00 ,  G09C1/00 ,  H04L9/06

Abstract: A method of protecting a Rijndael-type algorithm executed by an electronic circuit against side channel attacks, wherein: each block of data to be encrypted or decrypted is masked with a first mask before applying a non-linear block substitution operation from a first substitution box, and is then unmasked by a second mask after the substitution; the substitution box is recalculated, block by block, before applying the non-linear operation, the processing order of the blocks of the substitution box being submitted to a random permutation; and the recalculation of the substitution box uses the second mask as well as third and fourth masks, the sum of the third and fourth masks being equal to the first mask.

公开(公告)号：US20170063523A1

公开(公告)日：2017-03-02

申请号：US15046069

申请日：2016-02-17

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Nicolas Bruneau

IPC: H04L9/00 ,  H04L9/06

CPC classification number: G09C1/00 ,  H04L9/003 ,  H04L9/0631 ,  H04L2209/043 ,  H04L2209/046

Abstract: A method of protecting a Rijndael-type algorithm executed by an electronic circuit against side channel attacks, wherein: each block of data to be encrypted or to be decrypted is masked with a first mask before a non-linear block substitution operation is applied based on a substitution box, and is then unmasked with a second mask after the substitution; and the substitution box is recalculated, block by block, before the non-linear operation is applied, the processing order of the blocks of the substitution box being submitted to a random permutation, commutative with the non-linear substitution operation.

Abstract translation: 一种保护由电子电路执行的针对侧信道攻击的Rijndael型算法的方法，其中：在应用非线性块替换操作之前，将要被加密或要解密的每个数据块以第一掩码进行掩码 替换框，然后在替换后用第二个掩码进行掩码; 并且在应用非线性操作之前逐个重新计算替换盒，替换盒的块的处理顺序被提交到随机排列，与非线性替换操作交换。

公开(公告)号：US20170063524A1

公开(公告)日：2017-03-02

申请号：US15046114

申请日：2016-02-17

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Nicolas Bruneau

IPC: H04L9/00 ,  H04L9/06

CPC classification number: H04L9/005 ,  G09C1/00 ,  H04L9/003 ,  H04L9/0631 ,  H04L2209/043 ,  H04L2209/046

Abstract: A method of protecting a Rijndael-type algorithm executed by an electronic circuit against side channel attacks, wherein: each block of data to be encrypted or decrypted is masked with a first mask before applying a non-linear block substitution operation from a first substitution box, and is then unmasked by a second mask after the substitution; the substitution box is recalculated, block by block, before applying the non-linear operation, the processing order of the blocks of the substitution box being submitted to a random permutation; and the recalculation of the substitution box uses the second mask as well as third and fourth masks, the sum of the third and fourth masks being equal to the first mask.

Abstract translation: 一种保护由电子电路执行的针对侧信道攻击的Rijndael型算法的方法，其中：在应用来自第一替换盒的非线性块替代操作之前，要用第一掩码掩蔽要加密或解密的每个数据块 ，然后在替代后被第二个掩模剥离; 替代框在应用非线性运算之前逐块重新计算，替换框的块的处理顺序被提交给随机排列; 并且替换盒的重新计算使用第二掩模以及第三和第四掩模，第三和第四掩模的和等于第一掩模。

公开(公告)号：US20170063522A1

公开(公告)日：2017-03-02

申请号：US15046092

申请日：2016-02-17

Applicant: STMicroelectronics (Rousset) SAS

Inventor： Nicolas Bruneau

IPC: H04L9/00 ,  H04L9/06

CPC classification number: H04L9/003 ,  G09C1/00 ,  H04L9/0631 ,  H04L2209/043

Abstract: A method of verifying the sensitivity of an electronic circuit executing a Rijndael-type algorithm to side channel attacks, wherein: each block of data to be encrypted or to be decrypted is masked with a first mask before a non-linear block substitution operation is applied based on a substitution box, and is then unmasked with a second mask after the substitution; the substitution box is recalculated, block by block, before the non-linear operation is applied, the processing order of the blocks of the substitution box being submitted to a permutation; and a side channel attack is performed on the steps of recalculating, block by block, the substitution box.

Abstract translation: 一种验证执行Rijndael型算法的电子电路对侧信道攻击的灵敏度的方法，其中：在应用非线性块替换操作之前，要加密或要解密的每个数据块被第一掩码掩蔽 基于替代框，然后在替换后用第二个掩码进行掩码; 在应用非线性操作之前，逐块重新计算替换盒，替换盒的块的处理顺序被提交到置换; 并且在重新计算的步骤上逐块执行替代框执行侧信道攻击。