Balanced Dual-Mask Protection Scheme for GIFT Cipher Against Power Attacks

A.A.M. Aljuffri, Cezar Reinbrecht, S. Hamdioui, M. Taouil, Johanna Sepulveda

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

21 Downloads (Pure)


Currently NIST is working towards the standardization of lightweight cryptography (LWC). Although the cryptanalytic strength of LWC is currently under deep scrutiny, the LWC implementation security has not been yet widely explored. GIFT block cipher is the main building block of many of the LWC NIST candidates and therefore has the potential to be part of the next lightweight crypto-standard. Hence it is important to understand its implementation vulnerabilities such as side-channel attacks (SCAs). Although SCAs have been evaluated for hardware implementations, no analysis or countermeasures have been proposed yet for software implementations. This work evaluates GIFT 128-bit software implementations (protected and unprotected) against power-based SCAs. Our protected implementation is based on a new lightweight countermeasure consisting of two balanced and masked SBoxes. Our results show that GIFT's SBox (or SubCell function) is vulnerable against profiled and non-profiled attacks when unprotected or protected implementations based on existing balancing or masking techniques are used. On the other hand, our proposed countermeasure that smartly combines balancing and masking offers full protection with negligible overhead.
Original languageEnglish
Title of host publication2022 IEEE 40th VLSI Test Symposium (VTS)
Number of pages6
ISBN (Electronic)978-1-6654-1060-1
Publication statusPublished - 2022
Event40th IEEE VLSI Test Symposium, VTS 2022 - Virtual, Online, United States
Duration: 25 Apr 202227 Apr 2022


Conference40th IEEE VLSI Test Symposium, VTS 2022
Country/TerritoryUnited States
CityVirtual, Online


  • Lightweight cipher
  • Side channel analysis
  • GIFT
  • Deep Learning
  • Countermeasure


Dive into the research topics of 'Balanced Dual-Mask Protection Scheme for GIFT Cipher Against Power Attacks'. Together they form a unique fingerprint.

Cite this