Influence of error detecting or correcting codes on the sensitivity to DPA of an AES S-box

Abstract

The robustness of a chip designed for security-related applications depends on its capability to globally resist to various types of attacks. This paper deals with protections against non invasive or semi invasive attacks. The two main categories are attacks based on power consumption (either by monitoring the current, e.g. DPA, or by monitoring the electromagnetic emissions, i.e. EMA) and attacks based on the injection of faults during the application execution (DFA). Information redundancy is often proposed as a basis for countermeasures against DFA. This paper discusses the influence of the choice of the code on the global robustness of the circuit. The study is focused on the evaluation of the sensitivity to DPA of several protected versions of an AES circuit.