Xiaozhong Pan,Shuiyu He,Yuechuan Wei,Lipeng Chang

DOI: https://doi.org/10.3390/app12168246

2022-08-18

Applied Sciences

Abstract:With the in-depth integration of deep learning and side-channel analysis (SCA) technology, the security threats faced by embedded devices based on the Internet of Things (IoT) have become increasingly prominent. By building a neural network model as a discriminator, the correlation between the side information leaked by the cryptographic device, the key of the cryptographic algorithm, and other sensitive data can be explored. Then, the security of cryptographic products can be evaluated and analyzed. For the AES-128 cryptographic algorithm, combined with the CW308T-STM32F3 demo board on the ChipWhisperer experimental platform, a Correlation Power Analysis (CPA) is performed using the four most common deep learning methods: the multilayer perceptron (MLP), the convolutional neural network (CNN), the recurrent neural network (RNN), and the long short-term memory network (LSTM) model. The performance of each model is analyzed in turn when the samples are small data sets, sufficient data sets, and data sets of different scales. Finally, each model is comprehensively evaluated by indicators such as classifier accuracy, network loss, training time, and rank of side-channel attacks. The experimental results show that the convolutional neural network CNN classifier has higher accuracy, lower loss, better robustness, stronger generalization ability, and shorter training time. The rank value is 2, that is, only two traces can recover the correct key byte information. The comprehensive performance effect is better.

Engineering,Computer Science

Ngoc‐Tuan Do,Van‐Phuc Hoang,Van Sang Doan,Cong‐Kha Pham

DOI: https://doi.org/10.1049/ise2.12102

2022-12-22

IET Information Security

Abstract:This paper proposes and evaluates the applications of different DL techniques including the Convolutional Neural Network (CNN) and the multilayer perceptron (MLP) models for non‐profiled attacks on the AES‐128 encryption implementation. Along with the designed models, a dataset reconstruction and labelling technique for the proposed model has also been performed for solving the high dimension data and imbalanced dataset problem. As a result, the DL‐based SCA with our reconstructed dataset for different targets of ASCAD, RISC‐V microcontroller, and ChipWhisperer boards has achieved a higher performance of non‐profiled attacks. The experimental results have clarified that the exponential linear unit (ELU) function is better than the rectified linear unit (ReLU) in taking the correct key with the presence of the Gaussian noise. In modern embedded systems, security issues including side‐channel attacks (SCAs) are becoming of paramount importance since the embedded devices are ubiquitous in many categories of consumer electronics. Recently, deep learning (DL) has been introduced as a new promising approach for profiled and non‐profiled SCAs. This paper proposes and evaluates the applications of different DL techniques including the Convolutional Neural Network and the multilayer perceptron models for non‐profiled attacks on the AES‐128 encryption implementation. Especially, the proposed network is fine‐tuned with different number of hidden layers, labelling techniques and activation functions. Along with the designed models, a dataset reconstruction and labelling technique for the proposed model has also been performed for solving the high dimension data and imbalanced dataset problem. As a result, the DL based SCA with our reconstructed dataset for different targets of ASCAD, RISC‐V microcontroller, and ChipWhisperer boards has achieved a higher performance of non‐profiled attacks. Specifically, necessary investigations to evaluate the efficiency of the proposed techniques against different SCA countermeasures, such as masking and hiding, have been performed. In addition, the effect of the activation function on the proposed DL models was investigated. The experimental results have clarified that the exponential linear unit function is better than the rectified linear unit in fighting against noise generation‐based hiding countermeasure.

computer science, information systems, theory & methods

Shijie Song,Kaiyan Chen,Yang Zhang

DOI: https://doi.org/10.1088/1742-6596/1213/2/022013

2019-01-01

Journal of Physics Conference Series

Abstract:According to the widespread use of embedded cryptographic devices, one of the major security threats, side channel attack and protection research, has grown rapidly in the last decade. Along with the popularity of machine learning and deep learning, artificial intelligence technology combined with side channel technology has gradually emerged, which has achieved quite good processing results. Due to the popularity of deep learning in recent years, it is indeed to complete the work with making an overview of side channel analysis based on deep learning. So in order to perfect the theory, this paper begins with the basic theory of the side channel attack. Combined with common models, the methodological analysis of deep learning side channel analysis is summarized and the existing research results are introduced next. Finally, the paper looks forward to the future deep learning side channel technology.

Takaya Kubota,Kota Yoshida,Mitsuru Shiozaki,Takeshi Fujino

DOI: https://doi.org/10.1016/j.micpro.2020.103383

IF: 3.503

2021-11-01

Microprocessors and Microsystems

Abstract:<p>In the field of image recognition, machine learning technologies, especially deep learning, have been rapidly advancing alongside the advances of hardware such as GPUs. In image recognition, in general, large numbers of labeled images to be identified are input to a neural network, and repeatedly learning the images enables the neural network to identify objects with high accuracy. A new profiling side-channel attack method, the deep learning side-channel attack (DL-SCA), utilizes the neural network's high identifying ability to unveil a cryptographic module's secret key from side-channel information. In DL-SCAs, the neural network is trained with power waveforms captured from a target cryptographic module, and the trained network extracts the leaky part that depends on the secret. However, at this stage, the main target of investigation has been software implementation, and studies regarding hardware implementation, such as ASIC, are somewhat lacking. In this paper, we first depict deep learning techniques, profiling side-channel attacks, and leak models to clarify the relation between secret and side channels. Next, we investigate the use of DL-SCA against hardware implementations of AES and discuss the problem derived from the Hamming distance model and ShiftRow operation of AES. To solve the problem, we propose a new network training method called "mixed model dataset based on round-round XORed value." We prove that our proposal solves the problem and gives the attack capability to neural networks. We also compare the attack performance and characteristics of DL-SCA to conventional analysis methods such as correlation power analysis and conventional template attack. In our experiment, a dedicated ASIC chip for side-channel analysis is utilized and the chip is also equipped with a side-channel countermeasure AES. We show how DL-SCA can recover secret keys against the side-channel countermeasure circuit. Our results demonstrate that DL-SCA can be a more powerful option against side-channel countermeasure implementations than conventional SCAs.</p>

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Mehwish Shaikh,Qasim Ali Arain,Salahuddin Saddar

DOI: https://doi.org/10.1109/imtic53841.2021.9719689

2021-11-10

Abstract:A side-channel attack is a sort of computer security attack depending on data obtain from program implementation rather than flaws in the program itself. Additional data sources that might be exploited include timing data, power consumption, electromagnetic leakage, and even sound. Since the 1990&#x27;s, when side channel attacks were first introduced, a lot of effort is done in improving their effectiveness and efficiency. Many machine learning methods were designed for side-channel attacks. The researchers have recently noticed a growing trend in the SCA community to use deep learning techniques, which has resulted in more precise side-channel studies, even when countermeasures are in effect. Machine learning algorithms, on the other hand, have the drawback of requiring human engineering to function and some performance fluctuations in some cases. Recent research has focused on using deep learning techniques to extract characteristics from data automatically. Concepts of side channel attacks, machine learning, deep learning, and current breakthroughs in deep learning-based side-channel attacks are described in this paper. This discussion provides an overview of contemporary machine and deep learning research in the context of SCA. Machine Learning is not completely negated, or Deep Learning is not completely supported but their competitiveness and trend is discussed as a baseline to new challenges in context of side channel attack. Thus, a paradigm shift of ML to DL in SCAs is the focus of this paper.

Qiang Zhou,Baolei Mao,Maoyuan Qin,Wei Hu,Fanfei Meng,Mingzhu Fang

DOI: https://doi.org/10.1109/iccc59590.2023.10507675

2023-01-01

Abstract:Side-channel attacks have been proven to be effective for retrieving secret keys by exploiting implementation vulnerabilities in encryption function. In recent years, deep learning techniques have been integrated into profiled side-channel attacks to achieve outstanding results. However, most state-of-the-art work only conducts attacks under ideal conditions where the profiling device (template device) and the target device are identical. The profiling traces are from the profiling device and the attack traces are from the target device. Unfortunately, constructing a template device is challenging and a flawed template device will lead to discrepancies between the profiling and the target devices. This inconsistent data distribution and discrepancies hamper the profiled SCA. To address these issues, we propose a domain generalization-based side-channel attack architecture called DGSCA. Especially, We simulate a scenario where the acquisition of target data is challenging and can’t be used for model training. Initially, we combine the Deep CORAL method with Mixup to deserve domain invariant representations across source domains. Subsequently, we integrate meta-learning into the DGSCA framework to enhance the model’s generalization ability, which is accomplished by randomly partitioning the source and target domains and leveraging the knowledge gained from the source domain to improve the attack result in the target domain. Moreover, we implement four different deep learning models (MLP, CNN, ResNet, DenseNet) and evaluate the DGSCA framework using the publicly available ASCAD dataset. The experimental results on the ASCAD desynchronous dataset show that our method successfully recovers the key within 1665 traces and demonstrate the scalability and generality of our proposed framework.

Yohaï-Eliel Berreby,Laurent Sauvage

2023-09-23

Abstract:Over the past few years, deep learning has been getting progressively more popular for the exploitation of side-channel vulnerabilities in embedded cryptographic applications, as it offers advantages in terms of the amount of attack traces required for effective key recovery. A number of effective attacks using neural networks have already been published, but reducing their cost in terms of the amount of computing resources and data required is an ever-present goal, which we pursue in this work. We focus on the ANSSI Side-Channel Attack Database (ASCAD), and produce a JAX-based framework for deep-learning-based SCA, with which we reproduce a selection of previous results and build upon them in an attempt to improve their performance. We also investigate the effectiveness of various Transformer-based models.

Cryptography and Security,Artificial Intelligence

Marvin Staib,Amir Moradi

DOI: https://doi.org/10.46586/tches.v2023.i3.422-444

2023-06-09

IACR Transactions on Cryptographic Hardware and Embedded Systems

Abstract:With the breakthrough of Deep Neural Networks, many fields benefited from its enormously increasing performance. Although there is an increasing trend to utilize Deep Learning (DL) for Side-Channel Analysis (SCA) attacks, previous works made specific assumptions for the attack to work. Especially the concept of template attacks is widely adapted while not much attention was paid to other attack strategies. In this work, we present a new methodology, that is able to exploit side-channel collisions in a black-box setting. In particular, our attack is performed in a non-profiled setting and requires neither a hypothetical power model (or let’s say a many-to-one function) nor details about the underlying implementation. While the existing non-profiled DL attacks utilize training metrics to distinguish the correct key, our attack is more efficient by training a model that can be applied to recover multiple key portions, e.g., bytes. In order to perform our attack on raw traces instead of pre-selected samples, we further introduce a DL-based technique that can localize input-dependent leakages in masked implementations, e.g., the leakages associated to one byte of the cipher state in case of AES. We validated our approach by targeting several publicly available power consumption datasets measured from implementations protected by different masking schemes. As a concrete example, we demonstrate how to successfully recover the key bytes of the ASCAD dataset with only a single trained model in a non-profiled setting.

Amjed Abbas Ahmed,Mohammad Kamrul Hasan,Shayla Islam,Azana Hafizah Mohd Aman,Nurhizam Safie

DOI: https://doi.org/10.5755/j02.eie.33995

2023-09-07

Elektronika ir Elektrotechnika

Abstract:Deep learning (DL) is a new option that has just been made available for side-channel analysis. DL approaches for profiled side-channel attacks (SCA) have dominated research till now. In this attack, the attacker has complete control over the profiling device and can collect many traces for a range of critical parameters to characterise device leakage before the attack. In this study, we apply DL algorithms to non-profiled data. An attacker can only retrieve a limited number of side-channel traces from a closed device with an unknown key value in non-profiled mode. The authors conducted this research. Key estimations and deep learning measurements can reveal the secret key. We prove that this is doable. This technology is excellent for non-profits. DL and neural networks can benefit these organisations. Neural networks can provide a new technique to verify the safety of hardware cryptographic algorithms. It was recently suggested. This study creates a non-profiled SCA utilising convolutional neural networks (CNNs) on an AVR microcontroller with 8 bits of memory and the AES-128 cryptographic algorithm. We used aligned power traces with several samples to demonstrate how challenging CNN-based SCA is in practise. This will help us reach our goals. Here is another technique to create a solid CNN data set. In particular, CNN-based SCA experiment data and noise effects are examined. These experiments employ power traces with Gaussian noise. The CNN-based SCA works well with our data set for non-profiled attacks. Gaussian noise on power traces causes many more issues. These results show that our method can recover more bytes successfully from SCA compared to other methods in correlation power analysis (CPA) and DL-SCA without regularisation.

engineering, electrical & electronic

Ruizhe Gu,Ping Wang,Mengce Zheng,Honggang Hu,Nenghai Yu

DOI: https://doi.org/10.48550/arXiv.2009.10568

2020-09-22

Cryptography and Security

Abstract:Numerous previous works have studied deep learning algorithms applied in the context of side-channel attacks, which demonstrated the ability to perform successful key recoveries. These studies show that modern cryptographic devices are increasingly threatened by side-channel attacks with the help of deep learning. However, the existing countermeasures are designed to resist classical side-channel attacks, and cannot protect cryptographic devices from deep learning based side-channel attacks. Thus, there arises a strong need for countermeasures against deep learning based side-channel attacks. Although deep learning has the high potential in solving complex problems, it is vulnerable to adversarial attacks in the form of subtle perturbations to inputs that lead a model to predict incorrectly. In this paper, we propose a kind of novel countermeasures based on adversarial attacks that is specifically designed against deep learning based side-channel attacks. We estimate several models commonly used in deep learning based side-channel attacks to evaluate the proposed countermeasures. It shows that our approach can effectively protect cryptographic devices from deep learning based side-channel attacks in practice. In addition, our experiments show that the new countermeasures can also resist classical side-channel attacks.

Zixin Liu,Zhibo Wang,Mingxing Ling

DOI: https://doi.org/10.13052/jwe1540-9589.2127

2022-01-01

Abstract:Side-channel attack (SCA) based on machine learning has proved to be a valid technique in cybersecurity, especially subjecting to the symmetric-key crypto implementations in serial operation. At the same time, parallel-encryption computing based on Field Programmable Gate Arrays (FPGAs) grows into a new influencer, but the attack results using machine learning are exiguous. Research on the traditional SCA has been mostly restricted to pre-processing: Signal Noisy Ratio (SNR) and Principal Component Analysis (PCA), etc. In this work, firstly, we propose to replace Points of Interests (POIs) and dimensionality reduction by utilizing word embedding, which converts power traces into sensitive vectors. Secondly, we combined sensitive vectors with Long Short Term Memories (LSTM) to execute SCA based on FPGA crypto-implementations. In addition, compared with traditional Template Attack (TA), Multiple Multilayer Perceptron (MLP) and Convolutional Neural Network (CNN). The result shows that the proposed model can not only reduce the manual operation, such as parametric assumptions and dimensionality setting, which limits their range of application, but improve the effectiveness of side-channel attacks as well.

Benjamin Hettwer,Stefan Gehrer,Tim Güneysu

DOI: https://doi.org/10.1007/s13389-019-00212-8

2019-04-11

Journal of Cryptographic Engineering

Abstract:With increasing expansion of the Internet of Things, embedded devices equipped with cryptographic modules become an important factor to protect sensitive data. Even though the employed algorithms in such devices are mathematically secure in theory, adversaries may still be able to compromise them by means of side-channel attacks. In power-based side-channel attacks, the instantaneous power consumption of the target is analyzed with statistical tools to draw conclusions about the secret keys that are used. There is a recent line of work that additionally makes use of techniques from the machine learning domain to attack cryptographic implementations. Since a complete review of this emerging field has not been done so far, this research aims to survey the current state of the art. We use a target-based classification to differentiate published work and drive general conclusions according to a common machine learning workflow. Furthermore, we outline the relationship between traditional power analysis techniques and machine learning-based attacks. This enables researchers to gain a better understanding of the topic in order to design new attack methods as well as potential countermeasures.

computer science, theory & methods

Yufeng Tang,Zheng Gong,Tao Sun,Jinhai Chen,Fan Zhang

DOI: https://doi.org/10.1007/978-3-030-88323-2_22

2021-01-01

Abstract:White-box block cipher (WBC) aims at protecting the secret key of a block cipher even if an adversary has full control over the implementations. At CHES 2016, Bos et al. proved that WBC are also threatened by side-channel analysis (SCA), e.g., differential fault analysis (DFA) and differential computation analysis (DCA). Therefore, advanced countermeasures have been proposed by Lee et al. for resisting DFA and DCA, such as table redundancy and improved masking methods, respectively. In this paper, we introduce a new adaptive side-channel analysis model which assumes that an adversary adaptively collects the intermediate values of a specific function and can mount the DFA/DCA attack with chosen inputs. In the adaptive SCA model, both theoretical analysis and experimental results show that Lee et al.’s proposed methods are vulnerable to DFA and DCA attacks. Moreover, a negative proposition is also demonstrated on the corresponding high-order countermeasures under our new model.

Junkai Liu,Shihui Zheng,Lize Gu

DOI: https://doi.org/10.1109/trustcom53373.2021.00081

2021-01-01

Abstract:Side-channel analysis (SCA) based on deep learning (DL) techniques have the benefit that they can disclose the secret key of protected block ciphers without preprocessing. But the size of convolutional neural network (CNN) architecture is so large that the training process is too time-consuming and the required number of traces for recovering secret key is too much. In this paper, we apply heatmap and SNR to reduce the number of parameters of our CNN architecture to 5,269,568 (i.e., one to tenth to the CNNbest). We also combine our CNN architecture with the multi-label classification and the transfer learning techniques to reduce the number of required traces. Consequently, two new CNN architectures are presented and validated on the public ASCAD dataset. The execution time of the training process approximates 15 minutes on average. The first CNN architecture can recover a key byte with only 30 synchronized traces. Combined with the transfer learning technique, the second CNN architecture requires 141 and 171 traces respectively in two different desynchronization cases. To our knowledge, for both synchronization and desynchronization cases, our analysis methods need the smallest amount of traces to extract a key byte.

Xinjie Zhao,Fan Zhang,Shize Guo,Tao Wang,Zhijie Shi,Huiying Liu,Keke Ji

DOI: https://doi.org/10.1007/978-3-642-29912-4_17

2012-01-01

Abstract:Algebraic side-channel attack (ASCA) is a powerful cryptanalysis technique different from conventional side-channel attacks. This paper studies ASCA from three aspects: enhancement, analysis and application. To enhance ASCA, we propose a generic method, called Multiple Deductions-based ASCA (MDASCA), to cope the multiple deductions caused by inaccurate measurements or interferences. For the first time, we show that ASCA can exploit cache leakage models. We analyze the attacks and estimate the minimal amount of leakages required for a successful ASCA on AES under different leakage models. In addition, we apply MDASCA to attack AES on an 8-bit microcontroller under Hamming weight leakage model, on two typical microprocessors under access driven cache leakage model, and on a 32-bit ARM microprocessor under trace driven cache leakage model. Many better results are achieved compared to the previous work. The results are also consistent with the theoretical analysis. Our work shows that MDASCA poses great threats with its excellence in error tolerance and new leakage model exploitation.

W. Yu,J. Chen

DOI: https://doi.org/10.1049/el.2018.5411

2018-09-01

Electronics Letters

Abstract:A deep learning (DL)‐assisted and combined side‐channel attack (SCA) is exploited to disclose the secret key of an advanced encryption standard (AES) cryptographic circuit with a countermeasure. Different physical leakages of the protected AES cryptographic circuit such as power dissipation and electromagnetic (EM) emission are captured together at first. Then the deep neural networks are utilised to model the relationship between the power noise and the EM noise by analysing the captured power dissipation and EM emission profiles. Ultimately, a special power attack is performed on the protected AES cryptographic circuit to leak the secret key efficiently through using the EM noise to filter the power noise. As demonstrated in the results, for the conventional SCAs, the secret key of the protected AES cryptographic circuit is undisclosed to the adversary even if 1 million plaintexts are enabled. By contrast, only analysing 32,500 number of plaintexts are sufficient to leak the secret key if the DL‐assisted and combined SCA is executed.

engineering, electrical & electronic

Raja Maheswari,Marudhamuthu Krishnamurthy

DOI: https://doi.org/10.1002/ett.4975

IF: 3.6

2024-04-17

Transactions on Emerging Telecommunications Technologies

Abstract:Abstract Side‐channel analysis (SCA) is a type of cryptanalytic attack that uses unintended ‘side‐channel’ leakage through the real‐world execution of the cryptographic algorithm to crack a secret key of an embedded system. These side‐channel errors can be discovered through tracking the energy usage of the device performing the technique, electromagnetic radiations while the encryption process, execution time, cache hits/misses, and others. Nowadays, deep learning‐based detection techniques are considered as emerging techniques that have been proposed for attack detection. Deep learning architectures have the ability to learn autonomously and concentrate on difficult features, in contrast to machine learning models. In light of these factors, the work's motive is thought to be the proposal of a deep learning‐based attack detection method. Many methods are used to decrease these assaults, however, the majority of them are inefficient and time‐demanding. In order to address these challenges, this study employs a novel deep learning‐based methodology. Pre‐processing, feature extraction, and SCA classification are the three stages of the approach proposed in this work. First, pre‐processing is used to remove unnecessary information and improve the quality of the input using data cleaning and min‐max normalization. The previously processed data are then fed as input into the proposed hybrid deep learning architecture. A Deep Residual Capsule Auto‐Encoder (DR_CAE) model is introduced in the proposed study. The deep residual neural network‐50 (DRNN‐50) is utilized to extract relevant features in this case, while the side channel analysis is done by using capsule auto‐encoder (CAE). The parameters of the proposed model are adjusted using the modified white shark optimization (MWSO) technique to improve its performance. In the results section, the proposed model is compared to various existing models in terms of accuracy, precision, recall, F‐measures, time, and so on. The proposed framework has an accuracy of 98.802%, F‐measures of 98.801%, kappa coefficient of 97.6%, the precision value of 98.81%, and recall value of 98.80%.

telecommunications

Zhong Zeng,Dawu Gu,Junrong Liu,Zheng Guo

DOI: https://doi.org/10.1109/CIS.2014.80

2014-01-01

Abstract:Side-channel attack (SCA) is a very efficient cryptanalysis technology to attack cryptographic devices. It takes advantage of physical information leakages to recover the cryptographic key. In order to strengthen the power to extract the cryptographic key-relevant information, this article introduces the Support Vector Machine technologies. Taking a software implementation of masked AES-256 on an Atmel ATMega-163 smart card, we applied an improved profiled side-channel attack to recover the cryptographic key. The current best result of our attack is able to recover the first 128 bits key using only one power trace.

Maria Méndez Real,Rubén Salvador

DOI: https://doi.org/10.3390/app11156790

2021-10-22

Abstract:During the last decade, Deep Neural Networks (DNN) have progressively been integrated on all types of platforms, from data centers to embedded systems including low-power processors and, recently, FPGAs. Neural Networks (NN) are expected to become ubiquitous in IoT systems by transforming all sorts of real-world applications, including applications in the safety-critical and security-sensitive domains. However, the underlying hardware security vulnerabilities of embedded NN implementations remain unaddressed. In particular, embedded DNN implementations are vulnerable to Side-Channel Analysis (SCA) attacks, which are especially important in the IoT and edge computing contexts where an attacker can usually gain physical access to the targeted device. A research field has therefore emerged and is rapidly growing in terms of the use of SCA including timing, electromagnetic attacks and power attacks to target NN embedded implementations. Since 2018, research papers have shown that SCA enables an attacker to recover inference models architectures and parameters, to expose industrial IP and endangers data confidentiality and privacy. Without a complete review of this emerging field in the literature so far, this paper surveys state-of-the-art physical SCA attacks relative to the implementation of embedded DNNs on micro-controllers and FPGAs in order to provide a thorough analysis on the current landscape. It provides a taxonomy and a detailed classification of current attacks. It first discusses mitigation techniques and then provides insights for future research leads.

Cryptography and Security,Machine Learning,Neural and Evolutionary Computing

Weiwei Shan,Shuai Zhang,Yukun He

DOI: https://doi.org/10.1049/el.2017.1460

2017-01-01

Electronics Letters

Abstract:Side channel analysis (SCA) is effective to reveal the key of crypto devices by applying statistical analysis to a number of power traces, thus hardware countermeasure is necessary to protect the crypto circuits. A SCA-resistance methodology by machine learning trained power compensation module is proposed to compensate the probability of hamming distance (HD) of the intermediate data directly, to make it unable to be distinguished from correct and incorrect sub-key, thus providing resistance to SCA. The machine learning algorithm is used to find out the best HD redistribution mapping by using neural dynamic programming. Implemented on an AES-128 encryption algorithm circuit on a Xilinx Spartan-6 FPGA mounted on a SAKURA-G board, experimental SCA results show that it can provide more than 200 x measures to disclosure and still has no sign to reveal the advanced encryption standard (AES) sub-key. In addition, it has low power and area overhead and zero frequency overhead, thus is appropriate for hardware implementation of SCA countermeasure.