{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,12]],"date-time":"2025-10-12T03:57:53Z","timestamp":1760241473710,"version":"build-2065373602"},"reference-count":52,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2018,4,23]],"date-time":"2018-04-23T00:00:00Z","timestamp":1524441600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers"],"abstract":"<jats:p>Lightweight block ciphers are an important topic in the Internet of Things (IoT) since they provide moderate security while requiring fewer resources than the Advanced Encryption Standard (AES). Ongoing cryptographic contests and standardization efforts evaluate lightweight block ciphers on their resistance to power analysis side channel attack (SCA), and the ability to apply countermeasures. While some ciphers have been individually evaluated, a large-scale comparison of resistance to side channel attack and the formulation of absolute and relative costs of implementing countermeasures is difficult, since researchers typically use varied architectures, optimization strategies, technologies, and evaluation techniques. In this research, we leverage the Test Vector Leakage Assessment (TVLA) methodology and the FOBOS SCA framework to compare FPGA implementations of AES, SIMON, SPECK, PRESENT, LED, and TWINE, using a choice of architecture targeted to optimize throughput-to-area (TP\/A) ratio and suitable for introducing countermeasures to Differential Power Analysis (DPA). We then apply an equivalent level of protection to the above ciphers using 3-share threshold implementations (TI) and verify the improved resistance to DPA. We find that SIMON has the highest absolute TP\/A ratio of protected versions, as well as the lowest relative cost of protection in terms of TP\/A ratio. Additionally, PRESENT uses the least energy per bit (E\/bit) of all protected implementations, while AES has the lowest relative cost of protection in terms of increased E\/bit.<\/jats:p>","DOI":"10.3390\/computers7020028","type":"journal-article","created":{"date-parts":[[2018,4,24]],"date-time":"2018-04-24T04:44:48Z","timestamp":1524545088000},"page":"28","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Comparing the Cost of Protecting Selected Lightweight Block Ciphers against Differential Power Analysis in Low-Cost FPGAs"],"prefix":"10.3390","volume":"7","author":[{"given":"William","family":"Diehl","sequence":"first","affiliation":[{"name":"Department of Electrical and Computer Engineering, George Mason University, Fairfax, VA 22030, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Abubakr","family":"Abdulgadir","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, George Mason University, Fairfax, VA 22030, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jens-Peter","family":"Kaps","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, George Mason University, Fairfax, VA 22030, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kris","family":"Gaj","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, George Mason University, Fairfax, VA 22030, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2018,4,23]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Diehl, W., Abdulgadir, A., Kaps, J.-P., and Gaj, K. (2017, January 11\u201313). Comparing the cost of protecting selected lightweight block ciphers against differential power analysis in low-cost FPGAs. Proceedings of the International Conference on Field Programmable Technologies (FPT 2017), Melbourne, Australia.","DOI":"10.1109\/FPT.2017.8280130"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Kocher, P.C., Jaffe, J., and Jun, B. (1999, January 15\u201319). Differential power analysis. Proceedings of the CRYPTO \u201999\u201419th International Conference on Cryptology, Santa Barbara, CA, USA.","DOI":"10.1007\/3-540-48405-1_25"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1007\/s13389-011-0006-y","article-title":"Introduction to Differential Power Analysis","volume":"1","author":"Kocher","year":"2011","journal-title":"J. Cryptogr. Eng."},{"key":"ref_4","unstructured":"(2018, March 31). CAESAR: Competition for Authenticated Encryption: Security, Applicability, and Robustness. Available online: http:\/\/competitions.cr.yp.to\/caesar.html."},{"key":"ref_5","unstructured":"Bernstein, D. (2018, February 27). Cryptographic Competitions. Available online: https:\/\/groups.google.com\/forum\/#!forum\/crypto-competitions."},{"key":"ref_6","unstructured":"National Institute of Standards and Technology (NIST) (2018, March 31). Lightweight Cryptography, Available online: https:\/\/www.nist.gov\/programs-projects\/lightweight-cryptography."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"McKay, K., Bassham, L., Turan, M., and Mouha, N. (2018, February 27). Report on Lightweight Cryptography (NISTIR 8114), Available online: http:\/\/nvlpubs.nist.gov\/nistpubs\/ir\/2017\/NIST.IR.8114.pdf.","DOI":"10.6028\/NIST.IR.8114"},{"key":"ref_8","unstructured":"(2018, April 16). Federal Information Processing Standards Publication 197, Advanced Encryption Standard (AES), Available online: https:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.197.pdf."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Beaulieu, R., Treatman-Clark, S., Shors, D., Weeks, B., Smith, J., and Wingers, L. (2015, January 8\u201312). The SIMON and SPECK lightweight block ciphers. Proceedings of the 2015 52nd ACM\/EDAC\/IEEE Design Automation Conference (DAC), San Francisco, CA, USA.","DOI":"10.1145\/2744769.2747946"},{"key":"ref_10","unstructured":"Bogdanov, A., Knudsen, L., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C., Paillier, P., and Verbauwhede, I. (2007, January 10\u201313). PRESENT: An ultra-lightweight block cipher. Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2007: 9th International Workshop, Vienna, Austria."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Guo, J., Peyrin, T., Poschmann, A., and Robshaw, M. (October, January 28). The LED block cipher. Proceedings of the Cryptographic Hardware and Embedded Systems (CHES 2011): 13th International Workshop, Nara, Japan.","DOI":"10.1007\/978-3-642-23951-9_22"},{"key":"ref_12","first-page":"339","article-title":"TWINE: A Lightweight Block Cipher for Multiple Platforms","volume":"7707","author":"Suzaki","year":"2012","journal-title":"SAC"},{"key":"ref_13","unstructured":"Iwata, T., Minematsu, K., Guo, J., Morioka, S., and Kobayashi, E. (2018, March 31). CLOC and SILC v3. Available online: https:\/\/competitions.cr.yp.to\/round3\/clocsilcv3.pdf."},{"key":"ref_14","unstructured":"Wu, H., and Huang, T. (2018, February 27). JAMBU Lightweight Authenticated Encryption Mode. Available online: http:\/\/www3.ntu.edu.sg\/home\/wuhj\/research\/caesar\/caesar.html."},{"key":"ref_15","unstructured":"Cooper, J., DeMulder, E., Goodwill, G., Jaffe, J., Kenworthy, G., and Rohatgi, P. (2013, January 24\u201326). Test Vector Leakage Assessment (TVLA) methodology in practice. Proceedings of the International Cryptographic Module Conference, Gaithersburg, MD, USA."},{"key":"ref_16","unstructured":"Goodwill, G., Jun, B., Jaffe, J., and Rohatgi, P. (2011, January 25\u201327). A testing methodology for side channel resistance validation. Proceedings of the NIST Non-Invasive Attack Testing Workshop, Nara, Japan."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1007\/s13389-016-0120-y","article-title":"Leakage Assessment Methodology","volume":"6","author":"Schneider","year":"2016","journal-title":"J. Cryptogr. Eng."},{"key":"ref_18","unstructured":"Cryptographic Engineering Research Group (2018, February 27). Flexible Open-Source WorkBench fOr Side-Channel Analysis (FOBOS). Available online: https:\/\/cryptography.gmu.edu\/fobos\/."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Nikova, S., Rechberger, C., and Rijmen, V. (2006, January 4\u20137). Threshold implementations against side-channel attacks and glitches. Proceedings of the 8th International Conference on Information and Communications Security, Raleigh, NC, USA.","DOI":"10.1007\/11935308_38"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"612","DOI":"10.1145\/359168.359176","article-title":"How to Share a Secret","volume":"22","author":"Shamir","year":"1979","journal-title":"Commun. ACM"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Yao, A. (1982, January 3\u20135). Protocols for secure computation. Proceedings of the 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982), Chicago, IL, USA.","DOI":"10.1109\/SFCS.1982.38"},{"key":"ref_22","first-page":"157","article-title":"Successfully attacking masked AES hardware implementations","volume":"Volume 3659","author":"Mangard","year":"2005","journal-title":"International Workshop on Cryptographic Hardware and Embedded Systems"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Bilgin, B., Gierlichs, B., Nikova, S., Nikov, V., and Rijmen, V. (2014, January 28\u201330). A more efficient AES threshold implementation. Proceedings of the 7th International Conference on Cryptology in Africa (AFRICACRYPT 2014), Marrakesh, Morocco.","DOI":"10.1007\/978-3-319-06734-6_17"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Moradi, A., Poschmann, A., Ling, S., Paar, C., and Wang, H. (2011, January 15\u201319). Pushing the limits: A very compact and a threshold implementation of AES. Proceedings of the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2011), Tallinn, Estonia.","DOI":"10.1007\/978-3-642-20465-4_6"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"322","DOI":"10.1007\/s00145-010-9086-6","article-title":"Side-Channel Resistant Crypto for Less than 2300 GE","volume":"24","author":"Poschmann","year":"2011","journal-title":"J. Cryptol."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Kutzner, S., Nguyen, P., Poschmann, A., and Wang, H. (2013, January 6\u20138). On 3-share threshold implementations for 4-Bit S-boxes. Proceedings of the Constructive Side-Channel Analysis and Secure Design: 4th International Workshop, COSADE 2013, Paris, France.","DOI":"10.1007\/978-3-642-40026-1_7"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"661","DOI":"10.1109\/TC.2016.2614504","article-title":"Lightweight Side Channel Resistance: Threshold Implementations of Simon","volume":"66","author":"Shahverdi","year":"2017","journal-title":"IEEE Trans. Comput."},{"key":"ref_28","unstructured":"Chen, C., Inci, M.S., Taha, M., and Eisenbarth, T. (2016, January 7\u20139). SpecTre: A tiny side-channel resistant speck core for FPGAs. Proceedings of the Smart Card Research and Advanced Applications: 15th International Conference, CARDIS 2016, Cannes, France."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Schneider, T., Moradi, A., and G\u00fcneysu, T. (2016, January 14\u201318). ParTI\u2014Towards combined hardware countermeasures against side-channel and fault-injection attacks. Proceedings of the 36th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO 2016), Santa Barbara, CA, USA.","DOI":"10.1007\/978-3-662-53008-5_11"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1007\/s41635-017-0021-2","article-title":"An Evaluation of Lightweight Block Ciphers for Resource-Constrained Applications: Area, Performance, and Security","volume":"1","author":"Sadhukhan","year":"2017","journal-title":"J. Hardw. Syst. Secur."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Canright, D., and Batina, L. (2008, January 3\u20136). A Very Compact \u2018Perfectly Masked\u2019 S-box for AES. Proceedings of the 6th International Conference on Applied Cryptography and Network Security, ANCS 2008, New York, NY USA.","DOI":"10.1007\/978-3-540-68914-0_27"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Ko\u00e7, \u00c7.K. (2009). FPGA and ASIC implementations of AES. Cryptographic Engineering, Springer Science & Business Media.","DOI":"10.1007\/978-0-387-71817-0"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Goubin, L. (2001, January 14\u201316). A sound method for switching between Boolean and arithmetic masking. Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2001, Third International Workshop, Paris, France.","DOI":"10.1007\/3-540-44709-1_2"},{"key":"ref_34","first-page":"150","article-title":"Securing the AES finalists against power analysis attacks","volume":"Volume 1978","author":"Messerges","year":"2002","journal-title":"Fast Software Encryption"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Coron, J.S., and Tchulkine, A. (2003, January 8\u201310). A New algorithm for switching from arithmetic to Boolean masking. Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2003: 5th International Workshop, Cologne, Germany.","DOI":"10.1007\/978-3-540-45238-6_8"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Debraize, B. (2012, January 9\u201312). Efficient and provably secure methods for switching from arithmetic to Boolean masking. Proceedings of the 14th International Conference on Cryptographic Hardware and Embedded Systems\u2014CHES 2012, Leuven, Belgium. Volume 7428 of the Series Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-642-33027-8_7"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"291","DOI":"10.1109\/TCSI.2006.885974","article-title":"Techniques for random masking in Hardware","volume":"Volume 54","author":"Golic","year":"2007","journal-title":"IEEE Transactions on Circuits and Systems I: Regular Papers"},{"key":"ref_38","unstructured":"Coron, J., Gro\u00dfsch\u00e4dl, J., and Vadnala, P. (2014, January 23\u201326). Secure conversion between Boolean and arithmetic masking of any order. Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2014, 16th International Workshop, Busan, Korea."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Schneider, T., Moradi, A., and G\u00fcneysu, T. (2015, January 2\u20135). Arithmetic addition over Boolean Masking. Proceedings of the Applied Cryptography and Network Security: 13th International Conference, ACNS 2015, New York, NY, USA.","DOI":"10.1007\/978-3-319-28166-7_27"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"786","DOI":"10.1109\/TC.1973.5009159","article-title":"A Parallel Algorithm for the Efficient Solution of a General Class of Recurrence Equations","volume":"100","author":"Kogge","year":"1973","journal-title":"IEEE Trans. Comput."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Rivain, M., and Prouff, E. (2010, January 17\u201320). Provably secure higher-order masking of AES. Proceedings of the Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop, Santa Barbara, CA, USA.","DOI":"10.1007\/978-3-642-15031-9_28"},{"key":"ref_42","unstructured":"Xilinx (2018, April 16). UG625 Constraints Guide (v. 14.5). Available online: https:\/\/www.xilinx.com\/support\/documentation\/sw_manuals\/xilinx14_7\/cgd.pdf."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Bilgin, B., Nikova, S., Nikov, V., and Rijmen, V. (2012, January 9\u201312). Threshold implementation of all 3 \u00d7 3 and 4 \u00d7 4 S-boxes. Proceedings of the Cryptographic Hardware and Embedded Systems CHES 2012: 14th International Workshop, Leuven, Belgium.","DOI":"10.1007\/978-3-642-33027-8_5"},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1109\/LES.2014.2314961","article-title":"SIMON Says: Break Area Records of Block Ciphers on FPGAs","volume":"6","author":"Aysu","year":"2014","journal-title":"IEEE Embed. Syst. Lett."},{"key":"ref_45","unstructured":"Ambrose, J., Ignjatovic, A., and Parameswaran, S. (2010). Power Analysis Side Channel Attacks: The Processor Design-Level Context, VDM Publishing."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Ishai, Y., Sahai, A., and Wagner, D. (2003). Private Circuits: Securing Hardware against Probing Attacks. Advances in Cryptology, CRYPTO 2003, Springer. Volume 2729 of Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-540-45146-4_27"},{"key":"ref_47","unstructured":"Tiri, K., and Verbauwhede, I. (2004, January 16\u201320). A logic level design methodology for a secure DPA Resistant ASIC or FPGA implementation. Proceedings of the Design, Automation and Test in Europe Conference and Exhibition, Paris, France."},{"key":"ref_48","unstructured":"Yu, P., and Schaumont, P. (October, January 30). Secure FPGA circuits using controlled placement and routing. Proceedings of the 5th IEEE\/ACM International Conference on Hardware\/Software Codesign and System Synthesis, Salzburg, Austria."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Velegalati, R., and Kaps, J.P. (September, January 31). DPA resistance for light-weight implementations of cryptographic algorithms on FPGAs. Proceedings of the 2009 International Conference on Field Programmable Logic and Applications, Prague, Czech Republic.","DOI":"10.1109\/FPL.2009.5272260"},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Ambrose, J.A., Parameswaran, S., and Ignjatovic, A. (2008, January 10\u201313). MUTE-AES: A multiprocessor architecture to prevent power analysis-based side channel attack of the AES algorithm. Proceedings of the 2008 IEEE\/ACM International Conference on Computer-Aided Design, San Jose, CA, USA.","DOI":"10.1109\/ICCAD.2008.4681650"},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Diehl, W., and Gaj, K. (September, January 31). Implementation of a Boolean masking scheme for the SCREAM cipher. Proceedings of the 2016 Euromicro Conference on Digital System Design (DSD), Limassol, Cyprus.","DOI":"10.1109\/DSD.2016.85"},{"key":"ref_52","unstructured":"Kern, R. (2018, February 27). A Simple File Format for NumPy Arrays. Available online: https:\/\/docs.scipy.org\/doc\/numpy-dev\/neps\/npy-format.html."}],"container-title":["Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-431X\/7\/2\/28\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:01:41Z","timestamp":1760194901000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-431X\/7\/2\/28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,4,23]]},"references-count":52,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2018,6]]}},"alternative-id":["computers7020028"],"URL":"https:\/\/doi.org\/10.3390\/computers7020028","relation":{},"ISSN":["2073-431X"],"issn-type":[{"type":"electronic","value":"2073-431X"}],"subject":[],"published":{"date-parts":[[2018,4,23]]}}}