This projected is currently funded by the ERC CoG SEAL, and is maintained by Si Gao.
The skeleton of this implementation comes from one of David McCann's test example for ELMO. The original version was written in Thumb assembly (GNU syntax), covering only the first round encryption. For various reasons, it was extended to a full 10-round masked implementation, in part to support research within the H2020 funded project REASSURE.
Unlike other implementations, the purpose of this implementation is to test what kind of leakage a Cortex M0 core could create in practice. This means not only this masked implementation has been tested by TVLA on a realistic M0 core, but also all assembly code has been customized to avoid any unexpected leakage. In other words, this is a "security-first" implementation: you might notice that although it is written in assembly, the encryption latency is not significantly better than other C-based implementations.
Note that this implementation is actually customized for a specific M0 core (NXP LPC 1114). Although many cores may have the same leakage behavior, there is no way to claim security for any core that has not been tested. Users may have to verify on their target platforms that whether the "patches" here are effective (or not).
The byte-wise implementation follows a well-known textbook example scheme. As said before, several security "patches" have been added to make it 1st order secure on that specific M0 core. Details can be found in the scheme introduction.
We have performed 1st order standard CRI TVLA test with 1 million traces on an NXP LPC1114 (Cortex M0) core.
Note that according to the CRI's standard, only the same leakage samples show up in both attempts as "leaky" with the same polarity will be counted as leakage.
Corresponding experiment setups can be found in Setup.md .
Simulation results based on our Cortex M0-based power simulator ELMO have been added to the new directory named "ELMO".
Attention: although this one does not show 1st order leakage, this is BY NO MEANS secure by itself! 1st order protection will not defeat 2nd order attack, which is indeed quite easy here.