US 12,407,490 B2
Redundancy AES masking basis for attack mitigation using lookup tables
Ury Kreimer, Tekoa (IL); Yaacov Belenky, Maale Adumim (IL); and Alexander Kesler, Newton, MA (US)
Assigned to FortifyIQ, Inc., Newton, MA (US)
Filed by FortifyIQ, Inc., Newton, MA (US)
Filed on Sep. 5, 2023, as Appl. No. 18/461,206.
Claims priority of provisional application 63/374,694, filed on Sep. 6, 2022.
Prior Publication US 2024/0089086 A1, Mar. 14, 2024
Int. Cl. G06F 21/00 (2013.01); G06F 17/16 (2006.01); H04L 9/00 (2022.01); H04L 9/06 (2006.01)
CPC H04L 9/0631 (2013.01) [G06F 17/16 (2013.01); H04L 9/002 (2013.01)]
42 Claims
1. A method comprising:
receiving input data representing one of a plaintext or a ciphertext, and a key;
representing each byte B of the input data as a respective redundant byte B′, the respective redundant byte having 8+d bits, where the respective redundant byte B′ is a polynomial over GF(2) modulo a product PQ such that B=B′ modulo P, where P is a polynomial of degree eight and Q is a polynomial of degree d≥0;
performing:
an AddRoundKey operation and a ShiftRows operation to produce a respective first redundant state; and
one of a composite redundant SubBytes and redundant MixColumns operation or a composite redundant InvSubBytes and redundant InvMixColumns on the respective first redundant state using a lookup table (LUT) to produce a respective second redundant state; and
repeating the performing a specified number of times to produce output data representing one of a ciphertext or a plaintext from the respective second redundant state.
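
The redundant representation in claim 1 can be illustrated with a short sketch; this is an added example, not code from the patent or from FortifyIQ. It assumes P is the AES field polynomial 0x11B, uses a constructed degree-8 Q (so d = 8), and encodes with B′ = B + R·P for a random R of degree less than d, which is one construction satisfying B = B′ modulo P. It shows that XOR (as in AddRoundKey) and multiplication modulo PQ (as in MixColumns constants) on redundant bytes reduce modulo P to the ordinary AES results.

```python
import secrets

P = 0x11B                 # assumed P: AES polynomial x^8+x^4+x^3+x+1
Q = 0x1F5                 # constructed degree-8 polynomial (assumption), d = 8
D = Q.bit_length() - 1    # d, the number of redundant bits


def clmul(a, b):
    """Carry-less product of two GF(2) polynomials stored as integers."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r


def polymod(a, m):
    """Remainder of polynomial a divided by m over GF(2)."""
    dm = m.bit_length()
    while a.bit_length() >= dm:
        a ^= m << (a.bit_length() - dm)
    return a


PQ = clmul(P, Q)          # modulus of the redundant ring, degree 8+d


def encode(b, r=None):
    """Return a redundant byte B' of 8+d bits with B' mod P == b."""
    if r is None:
        r = secrets.randbelow(1 << D)   # random polynomial of degree < d
    return b ^ clmul(r, P)              # degree < 8+d, so already reduced mod PQ


def decode(bp):
    """Recover the ordinary byte: B = B' mod P."""
    return polymod(bp, P)


def red_mul(x, y):
    """Multiply two redundant bytes modulo PQ."""
    return polymod(clmul(x, y), PQ)


def gf_mul(a, b):
    """Reference multiplication in the AES field GF(2^8), modulo P."""
    return polymod(clmul(a, b), P)
```

Because P divides PQ, reduction modulo P commutes with addition and multiplication modulo PQ, so each byte has 2^d equivalent encodings that all decode to the same AES value.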