Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme [chapter]

Alberto Battistello, Jean-Sébastien Coron, Emmanuel Prouff, Rina Zeitoun
2016 Lecture Notes in Computer Science  
A common countermeasure against side-channel attacks consists in using the masking scheme originally introduced by Ishai, Sahai and Wagner (ISW) at Crypto 2003, and further generalized by Rivain and Prouff  ...  We exhibit two (template) horizontal side-channel attacks against the Rivain-Prouff secure multiplication scheme and we analyze their efficiency thanks to several simulations and experiments.  ...  We are very grateful to the anonymous CHES reviewers for pointing out a flaw in a previous version of our countermeasure in Section 8.  ... 
doi:10.1007/978-3-662-53140-2_2 fatcat:5albs3cj5rdgflhigamvcy7wxe

Low Randomness Masking and Shuffling: An Evaluation Using Mutual Information

Kostas Papagiannopoulos
2018 Transactions on Cryptographic Hardware and Embedded Systems  
Both RRM and RRS are evaluated using the MI-based framework in the context of horizontal attacks.  ...  Side-channel countermeasure designers often face severe performance overheads when trying to protect a device.  ...  Acknowledgments I would like to thank Lejla Batina, Joan Daemen and Vincent Grosso for their feedback comments and the discussions towards SASCA.  ... 
doi:10.13154/tches.v2018.i3.524-546 dblp:journals/tches/Papagiannopoulos18 fatcat:ro3ypd2nfvfd7gcflbvlz3jtdy

Secure Multiplication for Bitslice Higher-Order Masking: Optimisation and Comparison [chapter]

Dahmun Goudarzi, Anthony Journault, Matthieu Rivain, François-Xavier Standaert
2018 Lecture Notes in Computer Science  
In this paper, we optimize the performances and compare several recent masking schemes in bitslice on 32-bit ARM devices, with a focus on multiplication.  ...  Our evaluations should therefore allow a designer to select a masking scheme based on implementation constraints and security requirements.  ...  This work has been funded in part by the European Commission and the Walloon Region through the FEDER project USERMedia (convention number 501907-379156) and by the INNOVIRIS project SCAUT.  ... 
doi:10.1007/978-3-319-89641-0_1 fatcat:nqo676jwozco5cpcvzfnbbwcve

Circuit Masking: From Theory to Standardization, A Comprehensive Survey for Hardware Security Researchers and Practitioners [article]

Ana Covic, Fatemeh Ganji, Domenic Forte
2021 arXiv pre-print
Side-channel attacks extracting sensitive data from implementations have been considered a major threat to the security of cryptographic schemes.  ...  By giving an extensive overview of the existing methods, this survey (1) provides a research landscape of circuit masking for newcomers to the field, (2) offers guidelines on which attack model and verification  ...  method to verify the security of the masking countermeasures against side-channel attacks.  ... 
arXiv:2106.12714v2 fatcat:djqmxdobv5e3becegkmscz2zae

Mind the Gap: Towards Secure 1st-Order Masking in Software [chapter]

Kostas Papagiannopoulos, Nikita Veshchikov
2017 Lecture Notes in Computer Science  
Cryptographic implementations are vulnerable to side-channel analysis. Implementors often opt for masking countermeasures to protect against these types of attacks.  ...  Last, we craft the first (to our knowledge) "hardened" 1st-order ISW-based, masked Sbox implementation, which is capable of resisting 1st-order, univariate side-channel attacks.  ...  In parallel with the development of masked implementations, side-channel research focused on the practical evaluation of the countermeasure. Balasch et al.  ... 
doi:10.1007/978-3-319-64647-3_17 fatcat:2ylhgsvbxbcnjnczhafnmxilmm

Breaking Masked Implementations with Many Shares on 32-bit Software Platforms

Olivier Bronchain, François-Xavier Standaert
2021 Transactions on Cryptographic Hardware and Embedded Systems  
We then show the positive impact of lightweight block ciphers with limited number of AND gates for side-channel security, and compare our attacks against a masked Clyde with the best reported attacks of  ...  We explore the concrete side-channel security provided by state-of-the-art higher-order masked software implementations of the AES and the (candidate to the NIST Lightweight Cryptography competition) Clyde  ...  François-Xavier Standaert is senior research associate of the Belgian Fund for Scientific Research (F.R.S.-FNRS). This work has been funded by the EU through the ERC project SWORD (724725).  ... 
doi:10.46586/tches.v2021.i3.202-234 fatcat:mjccfpanhrfunfkccivkq2ojvi

Extending Glitch-Free Multiparty Protocols to Resist Fault Injection Attacks

Okan Seker, Abraham Fernandez-Rubio, Thomas Eisenbarth, Rainer Steinwandt
2018 Transactions on Cryptographic Hardware and Embedded Systems  
both fault and side-channel attacks at the same time.  ...  Side channel analysis and fault attacks are two powerful methods to analyze and break cryptographic implementations.  ...  Acknowledgments This work is supported by the National Science Foundation, under grant CNS-1618837.  ... 
doi:10.13154/tches.v2018.i3.394-430 dblp:journals/tches/SekerFES18 fatcat:7jfw4u2pwvbn7p4jupxi7cxmjy

Towards Globally Optimized Masking: From Low Randomness to Low Noise Rate

Gaëtan Cassiers, François-Xavier Standaert
2019 Transactions on Cryptographic Hardware and Embedded Systems  
We improve the state-of-the-art masking schemes in two important directions.  ...  Second, we analyze the security of most existing multiplication algorithms in the literature against so-called horizontal attacks, which aim to reduce the noise of the actual leakages measured by an adversary  ...  Horizontal side-channel attacks rather try to use the information from the leakage of all the variables and all their shares [BCPZ16] .  ... 
doi:10.13154/tches.v2019.i2.162-198 dblp:journals/tches/CassiersS19 fatcat:ggngfqbbgfgxvk67fh5kzdztwa

Defeating State-of-the-Art White-Box Countermeasures with Advanced Gray-Box Attacks

Louis Goubin, Matthieu Rivain, Junwei Wang
2020 Transactions on Cryptographic Hardware and Embedded Systems  
Then we analyze the different gray-box attack paths and study their performances in terms of required traces and computation time.  ...  In this article, we revisit state-of-the-art countermeasures employed in white-box cryptography, and we discuss possible ways to combine them.  ...  Acknowledgements The authors would like to thank Wieland Fischer and the anonymous referees for their valuable comments. This work was partially supported by the French FUI AAP25 IDECYS+ project.  ... 
doi:10.13154/tches.v2020.i3.454-482 dblp:journals/tches/GoubinRW20 fatcat:pdmjsy2c6jb2xjz7uilipj7oam

Higher-Order Lookup Table Masking in Essentially Constant Memory

Annapurna Valiveti, Srinivas Vivek
2021 Transactions on Cryptographic Hardware and Embedded Systems  
Masking using randomised lookup tables is a popular countermeasure for side-channel attacks, particularly at small masking orders.  ...  An advantage of this class of countermeasures for masking S-boxes compared to ISW-based masking is that it supports pre-processing and thus significantly reduces the amount of computation to be done after  ...  Acknowledgements This work was funded by the INSPIRE Faculty Award (DST, Govt. of India) for Srinivas Vivek. We would like to thank anonymous reviewers for their valuable inputs.  ... 
doi:10.46586/tches.v2021.i4.546-586 fatcat:wx4abd2cpffp7eqpl2esjjwlda

Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model [chapter]

Gilles Barthe, François Dupressoir, Sebastian Faust, Benjamin Grégoire, François-Xavier Standaert, Pierre-Yves Strub
2017 Lecture Notes in Computer Science  
First, we describe and analyze refreshing and multiplication algorithms that are well suited for parallel implementations and improve security against multivariate side-channel attacks.  ...  This result therefore enables an accurate understanding of the links between formal security analyses of masking schemes and experimental security evaluations based on the estimation of statistical moments  ...  In a side-channel attack, the adversary is provided with some information (or leakage) on each share.  ... 
doi:10.1007/978-3-319-56620-7_19 fatcat:bjrjvrpu6rer3mm2opyhf5vgaq

Efficient and Private Computations with Code-Based Masking

Weijia Wang, Pierrick Méaux, Gaëtan Cassiers, François-Xavier Standaert
2020 Transactions on Cryptographic Hardware and Embedded Systems  
Code-based masking is a very general type of masking scheme that covers Boolean masking, inner product masking, direct sum masking, and so on. The merits of the generalization are twofold.  ...  improved performances, better side-channel security or improved fault tolerance.  ...  Gaëtan Cassiers and François-Xavier Standaert are respectively PhD Student and Senior Research Associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.).  ... 
doi:10.13154/tches.v2020.i2.128-171 dblp:journals/tches/WangMCS20 fatcat:hmtwnb2b6jczbmicv75mm7r7em

On the spectral features of robust probing security

Maria Chiara Molteni, Vittorio Zaccaria
2020 Transactions on Cryptographic Hardware and Embedded Systems  
In turn, this enables a natural extension of non-interference definitions into robust ones to build a new reasoning framework that can formally explain some semi-formal results that have already appeared in the  ...  In this work we provide a spectral formalization of non-interference in the presence of glitches. Our goal is to present new theoretical and practical tools to reason about robust d-probing security.  ...  Introduction This paper deals with the problem of protecting a hardware and software implementation against side-channel attacks.  ... 
doi:10.13154/tches.v2020.i4.24-48 dblp:journals/tches/MolteniZ20 fatcat:x7ms3vztajd6fnt2nwqzv672li