Our contribution is twofold: first we describe a very compact hardware implementation of
AES-128, which requires only 2400 GE. This is to the best of our knowledge the smallest …

The development of masking schemes to secure AES implementations against side channel
attacks is a topic of ongoing research. Many different approaches focus on the AES S-box …

Algebraic side-channel attacks have been recently introduced as a powerful cryptanalysis
technique against block ciphers. These attacks represent both a target algorithm and its …

Threshold Implementations provide provable security against first-order power analysis
attacks for hardware and software implementations. Like masking, the approach relies on …

Abstract Implementations of the Advanced Encryption Standard (AES), including hardware
applications with limited resources (eg, smart cards), may be vulnerable to “side-channel …

Modern processors dynamically control their operating frequency to optimize resource
utilization, maximize energy savings, and conform to system-defined constraints. If, during …

In this paper we construct a chosen-key distinguisher and a related-key attack on the full 256-
bit key AES. We define a notion of differential q-multicollision and show that for AES-256 q …

AES is the best known and most widely used block cipher. Its three versions (AES-128, AES-
192, and AES-256) differ in their key sizes (128 bits, 192 bits and 256 bits) and in their …

Recently a new class of collision attacks which was originally suggested by Hans Dobbertin
has been introduced. These attacks use side channel analysis to detect internal collisions …

Side-channel collision attacks were proposed in [1] and applied to AES in [2]. These are
based on detecting collisions in certain positions of the internal state after the first AES round …