Toward secured IoT devices: a shuffled 8-bit AES hardware implementation

In this paper, we present a lightweight secured AES hardware implementation designed to further resist to Side Channel Attacks relying on Power Analysis. The proposed architecture is based on an 8-bit data-path, and the protection is provided by shuffling computations and memory locations. Our shuffling module is based on a permutation network controlled by a Random Number Generator and leads to the best compromise between security, area, and performances compared to state-of-the-art Implementation results on a spartan-6 FPGA show that the proposed protection mechanisms impact the area and the timing performance of the unprotected design by factors of 1.58 and 0.35 respectively. Security evaluation based on simulation results shows that the proposed secure architecture resists to a regular CPA by revealing a unique key byte when attacking with up to 1 million traces while state-of-the-art shuffled designs requires only 50000 traces to retrieve the entire secret key. Considering an integrated CPA (also called windowing attack), the proposed architecture allows increasing up to x300 the required number oftraces (Measurements to Disclosure) to retrieve 40% of the key bytes and reveals no more than 9 key bytes when attacking with up to 1 million traces.