A New Implement Method Of S-box For Against DFA

With the rapid development of information and digitalization in all fields of human society,the protection of information security has become more and more important.Cryptography is a necessary means to ensure information security.Generally,services such as confidentiality,authentication,integrity,and nonrepudiation are provided through data encryption,message authentication,and digital signature.In recent years,physical attacks aimed at the hardware implementation of cryptographic algorithms have increasingly become a popular cryptanalysis field.Among them,Differential Fault Analysis(DFA)is an active physical attack method.In the cryptographic algorithm's hardware implementation;adversary can obtain partial information of the secret key by injecting errors and analyzing the error output.The wide range and severity of the DFA attacks make it a considerable threat to the block cipher algorithm.Aghaie et al first designed impeccable circuits that detect 100%error injection.According to the logic of this circuit,Beierle et al.designed a new lightweight block cipher algorithm CRAFT against DFA at FSE 2019.The circuit realization of its S-box satisfies forced independence to avoid the propagation of injection errors.The author achieves this property employing independent Look-Up Tables(LUT)in a specific implementation.This paper proposes an new algorithm to generate independent Booleanfunction of the known S-box.Our algorithm makes the hardware implementation of an S-box satisfy the forced independence without a shared gate before the hardware synthesis.In the traditional LUT method,the synthesizer uses the internal optimization algorithm to obtain the independent circuit of S-boxes.However,for S-boxes that require independent implementation,this general optimization algorithm of the synthesizer is often inefficient.In order to improve the performance of the S-box implementation that satisfies the independence characteristics,this article proposes a new algorithm.The algorithm mainly includes two modules:graph generation module and independence realization module,which can generate Boolean expressions satisfying independent characteristics for known S-boxes.For the performance of some known S-boxes,the Boolean expression implementation is better than the LUT implementation.The algorithm in this article is applied to multiple known S-boxes such as GIFT,Khazad,Lblock.The experimental results show that,compared with the LUT implementation method that relies solely on comprehensive software optimization,the S-box independence optimization implementation method proposed in this paper has improved performance to different degrees for different S-boxes.