Publications
Side Channel Considerations for AES Intermediate Rounds
We illustrate a theoretical side-channel analysis on the intermediate rounds of AES, using only the Hamming weights of the bytes registered after the S-box operation. Input and output state values are unknown. Simulations and a blind test were used to show the feasibility of the analysis under ideal conditions. General applicability of the idea and possible extensions are discussed, as well as limiting assumptions. Some implementation approaches are described in Appendix A, in the case of constrained computing capabilities (desktop or laptop).