First-Order Masking with Only Two Random Bits

Published: 11 November 2019

ABSTRACT

Masking is the best-researched countermeasure against side-channel analysis attacks. Even though masking was introduced almost 20 years ago, its efficient implementation continues to be an active research topic. Many of the existing works focus on reducing randomness requirements, since producing fresh random bits with high entropy is very costly in practice. Most of these works rely on the assumption that only so-called online randomness incurs additional cost. In practice, however, the distinction between the randomness needed to produce the initial masking and the randomness needed to maintain security during computation (online) turns out not to be meaningful. In this work, we thus study the minimum randomness requirements for first-order Boolean masking when the cost of the initial randomness is taken into account. We demonstrate that, in theory, first-order masking can always be performed with just two fresh random bits and without any online randomness. We first show that two random bits are enough to mask linear transformations and then discuss the prerequisites under which nonlinear transformations can be performed securely in the same way. Subsequently, we introduce a new masked AND gate that fulfills these requirements and which forms the basis of our synthesis tool, which automatically transforms an unmasked implementation into a first-order secure masked implementation. We demonstrate the feasibility of this approach by implementing AES in software with only two bits of randomness, including the initial masking. Finally, we use these results to discuss the gap between theory and practice and the need for more accurate adversary models.
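To make the first-order requirement concrete, the following is an added example in Python; it is not code from the paper. It models a masked circuit as the list of every intermediate wire value it computes and checks, by exhausting all secret and random inputs, that no single wire's distribution depends on the secrets (the check a tool such as maskVerif automates symbolically). It uses the standard share-wise XOR and the ISW/Trichina masked AND with one fresh bit, and shows two randomness-saving shortcuts that fail: reusing one mask bit on two inputs that are later XORed, and an AND gate with no fresh bit. The paper's own two-bit masked AND and its synthesis tool are not reproduced; the circuit functions, probe indices and helper names are this example's own.

```python
"""First-order Boolean masking with an exhaustive first-order probing check.

Added example (not the paper's construction). Each circuit takes
(secret bits, random bits, trace) and appends every intermediate value it
computes to `trace`, so each trace slot models one probe on one wire.
"""
from collections import Counter
from itertools import product


def masked_xor(a, b, trace):
    """Linear operations act share by share and need no fresh randomness."""
    c = (a[0] ^ b[0], a[1] ^ b[1])
    trace.extend(c)
    return c


def masked_and_isw(a, b, r, trace):
    """First-order ISW/Trichina AND. r must be a fresh uniform bit, and r is
    added to the cross terms *before* they are combined, so the unmasked
    value a0*b1 ^ a1*b0 never appears on a wire."""
    a0b0, a0b1, a1b0, a1b1 = a[0] & b[0], a[0] & b[1], a[1] & b[0], a[1] & b[1]
    trace.extend((a0b0, a0b1, a1b0, a1b1))
    t = r ^ a0b1
    trace.append(t)
    t ^= a1b0
    trace.append(t)
    c = (a0b0 ^ r, a1b1 ^ t)
    trace.extend(c)
    return c


def masked_and_no_randomness(a, b, trace):
    """Naive AND without a fresh bit: c0 = a0*(b0^b1) = a0*b depends on b."""
    c = ((a[0] & b[0]) ^ (a[0] & b[1]), (a[1] & b[0]) ^ (a[1] & b[1]))
    trace.extend(c)
    return c


def circuit_xor_fresh_masks(secrets, rnd, trace):
    x, y = secrets
    rx, ry = rnd                      # one fresh mask bit per input
    a, b = (x ^ rx, rx), (y ^ ry, ry)
    trace.extend(a + b)
    masked_xor(a, b, trace)


def circuit_xor_reused_mask(secrets, rnd, trace):
    """Same mask on both inputs: share 0 of the sum is x^y in the clear."""
    x, y = secrets
    (r,) = rnd
    a, b = (x ^ r, r), (y ^ r, r)
    trace.extend(a + b)
    masked_xor(a, b, trace)


def circuit_and_isw(secrets, rnd, trace):
    x, y = secrets
    rx, ry, r = rnd                   # two initial masks plus one online bit
    a, b = (x ^ rx, rx), (y ^ ry, ry)
    trace.extend(a + b)
    masked_and_isw(a, b, r, trace)


def circuit_and_no_randomness(secrets, rnd, trace):
    x, y = secrets
    rx, ry = rnd
    a, b = (x ^ rx, rx), (y ^ ry, ry)
    trace.extend(a + b)
    masked_and_no_randomness(a, b, trace)


def leaking_probes(circuit, n_secret, n_rand):
    """Exhaustive first-order check: indices of trace slots whose value
    distribution over the random bits changes with the secret inputs."""
    per_secret = []
    for secrets in product((0, 1), repeat=n_secret):
        dists = None
        for rnd in product((0, 1), repeat=n_rand):
            trace = []
            circuit(secrets, rnd, trace)
            if dists is None:
                dists = [Counter() for _ in trace]
            for d, v in zip(dists, trace):
                d[v] += 1
        per_secret.append(dists)
    ref = per_secret[0]
    return sorted({i for dists in per_secret[1:]
                   for i, d in enumerate(dists) if d != ref[i]})


def first_order_secure(circuit, n_secret, n_rand):
    return not leaking_probes(circuit, n_secret, n_rand)


if __name__ == "__main__":
    for name, circ, nr in [("xor, fresh masks", circuit_xor_fresh_masks, 2),
                           ("xor, reused mask", circuit_xor_reused_mask, 1),
                           ("and, ISW", circuit_and_isw, 3),
                           ("and, no fresh bit", circuit_and_no_randomness, 2)]:
        print(f"{name:18s} leaking probes: {leaking_probes(circ, 2, nr)}")
```

The check is only the first-order probing model on a glitch-free, value-leakage abstraction: it ignores transitional leakage (a register going from one share to another), which is exactly the gap between theory and practice the abstract refers to, and it enumerates inputs, so it is meant for gate-level sanity checks rather than whole ciphers.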


Published in

TIS'19: Proceedings of ACM Workshop on Theory of Implementation Security Workshop
November 2019
43 pages
ISBN: 9781450368278
DOI: 10.1145/3338467

Copyright © 2019 ACM


Publisher: Association for Computing Machinery, New York, NY, United States

