Secure AES hardware module for resource constrained devices

Low power consumption, low gate count, and high throughput are standard design criteria for cryptographic coprocessors designated for resource constrained devices such as smart cards. With the advent of side channel attacks, devices ' resistance to such attacks became another major requirement. This paper describes a cryptographic hardware module for an AES algorithm that provides complete protection against first order differential power analysis by embedding a data masking countermeasure at a hardware level. We concentrate on inversion in GF(2(8)) since this is the only non-linear operation that requires complex transformations on masked data and on bits of the masks. The simulation and synthesis results confirm that the proposed solution is suitable for applications in GSM and ad-hoc networks in terms of performance, gate count and power consumption. To our knowledge, this is the first implementation of a side channel-resistant AES hardware module suitable for smart- and SIM-cards.