On the Use of Shamir's Secret Sharing against Side-Channel Analysis [chapter]

Jean-Sébastien Coron, Emmanuel Prouff, Thomas Roche
2013 Lecture Notes in Computer Science  
At CHES 2011 Goubin and Martinelli described a new countermeasure against side-channel analysis for AES based on Shamir's secret-sharing scheme. In the present paper, we exhibit a flaw in this scheme and we show that it is always theoretically broken by a first-order side-channel analysis. As a consequence of this attack, only a slight adaptation of the scheme proposed by Ben-Or et al. at STOC in 1988 can securely process multiplications on data shared with Shamir's technique. In the second part of this paper, we propose an improvement of this scheme that leads to a complexity Õ(d^2) instead of O(d^3), where d is the number of shares per data.
doi:10.1007/978-3-642-37288-9_6 fatcat:t4rxdfvnkbdjdd6pio5g7cyg5i