A New Exponentiation Algorithm Resistant to Combined Side Channel Attack

Abstract Since two different types of side channel attacks based on passive information leakage and active fault injection are independently considered as implementation threats on cryptographic modules, most countermeasures have been separately developed according to each attack type. But then, Amiel et al. proposed a combined side channel attack in which an attacker combines these two methods to recover the secret key in an RSA implementation. In this paper, we show that the BNP (Boscher, Naciri, and Prouff) algorithm for RSA, which is an SPA/FA-resistant exponentiation method, is also vulnerable to the combined attack. In addition, we propose a new exponentiation algorithm resistant to power analysis and fault attack as well as the combined attack. The proposed secure exponentiation algorithm can be employed to strengthen the security of CRT-RSA

Alternative Tower Field Construction for Quantum Implementation of the AES S-box

Grover’s search algorithm allows a quantum adversary to find a k-bit secret key of a block cipher by making O(2k/2) block cipher queries. Resistance of a block cipher to such an attack is evaluated by quantum resources required to implement Grover’s oracle for the target cipher. The quantum resources are typically estimated by the T-depth of its circuit implementation (time) and the number of qubits used by the circuit (space). Since the AES S-box is the only component which requires T-gates in the quantum implementation of AES, recent research has put its focus on efficient implementation of the AES S-box. However, any efficient implementation with low T-depth will not be practical in the real world without considering qubit consumption of the implementation. In this work, we propose four methods of trade-off between time and space for the quantum implementation of the AES S-box. In particular,one of our methods turns out to use the smallest number of qubits among the existing methods, significantly reducing its T-depth

Failure of semiclassical models to describe resistivity of nanometric, polycrystalline tungsten films

The impact of electron scattering at surfaces and grain boundaries in nanometric polycrystalline tungsten (W) films was studied. A series of polycrystalline W films ranging in thickness from 10 to 310 nm and lateral grain size from 74 to 133 nm were prepared on thermally oxidized Si. The Fuchs-Sondheimer surface-scattering model and Mayadas-Shatzkes grain-boundary scattering model were employed for quantitative analyses. Predictions from the theoretical models were found to deviate systematically from the experimental data. Possible reasons for the failure of the theoretical models to describe the experimental data are explored. Finally, a discussion of the crucial features lacking from existing models is presented, along with possible avenues for improving the models to result in better agreement with experimental data

Phase, grain structure, stress, and resistivity of sputter-deposited tungsten films

Sputter-deposited W films with nominal thicknesses between 5 and 180 nm were prepared by varying the base pressure prior to film deposition and by including or not including sputtered SiO(2) encapsulation layers. X-ray and electron diffraction studies showed that single phase, polycrystalline alpha-W could be achieved in as-deposited films as thin as 5 nm. The stress state in the as-deposited films was found to be inhomogeneous. Annealing resulted in stress relaxation and reduction of resistivity for all films, except the thinnest, unencapsulated film, which agglomerated. In-plane film grain sizes measured for a subset of the annealed films with thicknesses between 5 and 180 nm surprisingly showed a near constant value (101-116 nm), independent of film thickness. Thick-film ( \u3e = 120 nm) resistivity values as low as 8.6 mu Omega cm at 301 K were obtained after annealing at 850 degrees C for 2 h. Film resistivities were found to increase with decreasing film thicknesses below 120 nm, even for films which are fully A2 alpha-W with no metastable, A15 beta-W evident

Phase, grain structure, stress, and resistivity of sputter-deposited tungsten films

Sputter-deposited W films with nominal thicknesses between 5 and 180 nm were prepared by varying the base pressure prior to film deposition and by including or not including sputtered SiO(2) encapsulation layers. X-ray and electron diffraction studies showed that single phase, polycrystalline alpha-W could be achieved in as-deposited films as thin as 5 nm. The stress state in the as-deposited films was found to be inhomogeneous. Annealing resulted in stress relaxation and reduction of resistivity for all films, except the thinnest, unencapsulated film, which agglomerated. In-plane film grain sizes measured for a subset of the annealed films with thicknesses between 5 and 180 nm surprisingly showed a near constant value (101-116 nm), independent of film thickness. Thick-film ( \u3e = 120 nm) resistivity values as low as 8.6 mu Omega cm at 301 K were obtained after annealing at 850 degrees C for 2 h. Film resistivities were found to increase with decreasing film thicknesses below 120 nm, even for films which are fully A2 alpha-W with no metastable, A15 beta-W evident

Electron mean free path of tungsten and the electrical resistivity of epitaxial (110) tungsten films

This work describes a study of the classical electrical resistivity size effect in tungsten. The important length scale for this size effect is the isotropic average electron mean free path (EMFP), which was determined to be 19.1 nm for W at 293 K by employing density functional theory. To explore the size effect experimentally, (110) oriented epitaxial W films with thicknesses ranging from 9.8 to 299.7 nm were prepared by sputter deposition onto (11 (2) over bar0) Al2O3 substrates at 520 degrees C followed by postdeposition annealing in Ar-4%H-2 at 850 degrees C. Film resistivities were measured at room temperature and at liquid He temperature. The Fuchs-Sondheimer (FS) surface scattering model with a low specularity parameter (p = 0.11) was shown to provide a good description of the film resistivity as a function of film thickness. Further, it is shown that an upper bound to the EMFP cannot be established by fitting resistivity data to the FS model, whereas a lower bound can be assessed

The Transmittance Modulation of ZnO/Cu/ZnO Transparent Conductive Electrodes Prepared on Glass Substrates

With the explosive development of optoelectronic devices, the need for high-performance transparent conductive (TCE) electrodes for optoelectronic devices has been increasing accordingly. The two major TCE requirements are (1) visible light average transmittance higher than 80% and (2) sheet resistance lower than 10 Ω/sq. In this study, we investigated the critical role of the top and bottom ZnO thicknesses for the ZnO/Cu/ZnO electrodes prepared on glass substrates. It was shown that the required Cu thickness to meet the conductivity requirement is 8 nm, which was fixed and then the thicknesses of the top and ZnO layers were independently varied to experimentally determine the optimized conditions for optical transparency. The thicknesses of the top and bottom ZnO layers were both found to significantly affect the peak transmittance as well as the average visible light transmittance. The ZnO/Cu/ZnO electrode exhibits peak and average transmittance of 95.4% and 87.4%, excluding the transmittance of glass substrates, along with a sheet resistance of 9.7 Ω/sq, with a corresponding Haacke’s figure of merit (φH=Tave10Rs) of 0.064, which exceeds the reported value for the ZnO/Cu/ZnO electrodes, manifesting the need of experimental optimization in this study

2014 Workshop on Fault Diagnosis and Tolerance in Cryptography

International audienc

Construction of Efficient and Secure Pairing Algorithm and its Application

Abstract. The randomized projective coordinate (RPC) method applied to a pairing computation algorithm is a good solution that provides an efficient countermeasure against side channel attacks. In this study, we investigate measures for increasing the efficiency of the RPC-based countermeasures and construct a method that provides an efficient RPCbased countermeasure against side channel attacks. We then apply our method to the well-known ηT pairing algorithm over binary fields and obtain an RPC-based countermeasure for the ηT pairing; our method is more efficient than the RPC method applied to the original ηT pairing algorithm