A general problem in secure data storage is the possibility of side channel leakage, such that power analysis on a circuit can be used to reveal operations in the circuit that are intended to be secret. Revealing such operations can result in cryptographic codes operating in the circuit being broken and a consequent loss of security. This is a particular problem with circuits that need to operate in a ‘hostile’ environment, i.e. where there is uncontrolled access to the circuit, such as in a smart card where embedded integrated circuits perform cryptographic operations for secure transactions. The general problem of side channel leakages and ways to exploit them was introduced by Kocher et al in “Differential Power Analysis”, CRYPTO '99, Vol. 1666 of Lecture Notes in Computer Science (LCNS), pp. 388-397, 1999.
One way of addressing the problem of side channel leakage is through masking techniques, for example using a technique known as threshold implementation, as proposed by Nikova et al in “Threshold Implementations Against Side-Channel Attacks and Glitches”, ICICS 2006, Vol. 4307 of LNCS, pp. 529-545, 2006. An example of a secure AES based implementation has been introduced by Moradi et al in “Pushing the limits: A very compact and a threshold implementation of AES”, EUROCRYPT, Vol. 6632 of LNCS, pp 69-88. 2011. Such implementations, however, require substantially increased storage requirements, due to the additional space required for masking data. The Moradi implementation, for example, requires three times that of a conventional AES implementation. This is a problem for implementations where storage and processing power is at a premium, such as in smart card applications.