Low Area and Low Power Threshold Implementation Design Technique for AES S-Box

Threshold implementation (TI) is a promising countermeasure against side-channel attacks (SCA) in the presence of glitches. However, the hardware implementation of TI in S-box needs a large number of D flip-flops to synchronize intermediate signals, which results in a large silicon area and power consumption overhead. In this brief, we present the low area and low power TI design technique for advanced encryption standard (AES) S-box. In the proposed approach, instead of using D flip-flops, low-cost synchronization circuits such as customized tri-state XOR gates, tri-state buffers, and D latches are efficiently adopted with critical path replica (CPR) circuits. As a result, the proposed TI S-box implementation with 28nm CMOS process shows up to 33.7% area and 44.3% power savings. The security of the proposed TI AES S-box against side-channel attacks is also verified with test vector leakage assessment (TVLA) tests.