Construction of Rotation Symmetric S-Boxes with High Nonlinearity and Improved DPA Resistivity

Abstract

In this paper, we provide an $n\times n$ bijective rotation symmetric S-box (RSSB) construction with improved resistance to differential power analysis (DPA) using rotation-symmetric Boolean functions (RSBFs). The RSSB class is generated from an instance of a proposed RSSB construction and then iteratively applying a simulated annealing algorithm in the respective neighborhood of the RSSB followed by a hill climbing algorithm to obtain a good tradeoff of cryptographic properties. The constructed $8\times 8$ RSSBs have a nonlinearity of $102$ and transparency order value $7.709$ whereas the Rijndael S-box has a higher transparency order of $7.86$ . The evaluation of security metric called guessing entropy on the constructed RSSBs shows that a side-channel adversary requires more effort to exploit information leakage from the simulated power traces. In comparison to Rijndael S-box, the correlation based DPA on RSSBs which when incorporated in AES-128, shows requirement of significantly more power traces when implemented on Xilinx Virtex-5 FPGA device on SASEBO-GII development board. While the distributed memory and block memory implementations of the Rijndael S-box required $500$ and $2,000$ power traces to extract the last round key, our proposed RSSBs required $2,000$ and $12,000$ power traces respectively.