2021
DOI: 10.46586/tches.v2022.i1.589-629
|View full text |Cite
|
Sign up to set email alerts
|

Automated Generation of Masked Hardware

Abstract: Masking has been recognized as a sound and secure countermeasure for cryptographic implementations, protecting against physical side-channel attacks. Even though many different masking schemes have been presented over time, design and implementation of protected cryptographic Integrated Circuits (ICs) remains a challenging task. More specifically, correct and efficient implementation usually requires manual interactions accompanied by longstanding experience in hardware design and physical security. To this en… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
9
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
5
3

Relationship

2
6

Authors

Journals

citations
Cited by 13 publications
(9 citation statements)
references
References 16 publications
0
9
0
Order By: Relevance
“…However, as our implementations are fully pipelined and successive inputs are assumed to be shared independently, this vulnerability does not apply in this case. The authors of [20,21] previously demonstrated the side-channel resistance of the HPC2 gadgets using TVLA. Therefore, we did not perform side-channel measurements for the HPC2 adder designs.…”
Section: Side-channel Evaluationmentioning
confidence: 99%
“…However, as our implementations are fully pipelined and successive inputs are assumed to be shared independently, this vulnerability does not apply in this case. The authors of [20,21] previously demonstrated the side-channel resistance of the HPC2 gadgets using TVLA. Therefore, we did not perform side-channel measurements for the HPC2 adder designs.…”
Section: Side-channel Evaluationmentioning
confidence: 99%
“…For the sake of completeness in assessing the security of our optimized construction, we further performed experimental analysis by conducting a leakage assessment on SCA traces measured from an FPGA prototype. To this end, and in order to be consistent with the state-of-the-art, we mainly followed the procedure explained by Knichel et al [KMMS22].…”
Section: Experimental Analysismentioning
confidence: 99%
“…The design requires 1092 fresh random bits and has a latency of 8 clock cycles. Hence, we again followed Knichel et al [KMMS22] for an FPGA-friendly implementation of a 31-bit Linear Feedback Shift Register (LFSR) for each required fresh random bit, updated at every clock cycle. A sample power trace (covering the entire 8 clock cycles) and the result of t-tests are depicted in Figure 9.…”
Section: Experimental Analysismentioning
confidence: 99%
See 1 more Smart Citation
“…These implementations are potentially beneficial and usually more efficient compared to their gadget-based variants. For example, [KMMS22] provides a comparison of different masked byte-serial implementations of the Advanced Encryption Standard (AES). However, their probing security remains unproven.…”
Section: Introductionmentioning
confidence: 99%