Efficient Masked Implementation for SEED Based on Combined Masking

This paper proposes an efficient masking method for the block cipher SEED that is standardized in Korea. The nonlinear parts of SEED consist of two S‐boxes and modular additions. However, the masked version of these nonlinear parts requires excessive RAM usage and a large number of operations. Protecting SEED by the general masking method requires 512 bytes of RAM corresponding to masked S‐boxes and a large number of operations corresponding to the masked addition. This paper proposes a new‐style masked S‐box which can reduce the amount of operations of the masking addition process as well as the RAM usage. The proposed masked SEED, equipped with the new‐style masked S‐box, reduces the RAM requirements to 288 bytes, and it also reduces the processing time by 38% compared with the masked SEED using the general masked S‐box. The proposed method also applies to other block ciphers with the same nonlinear operations.