Random Probing Security: Verification, Composition, Expansion and New Constructions

Belaïd, Sonia; Coron, Jean-Sébastien; Prouff, Emmanuel; Rivain, Matthieu; Taleb, Abdul Rahman

doi:10.1007/978-3-030-56784-2_12

Cited by 14 publications

(4 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Notice that the dependency of the noise requirement in d is tight, since it depicts the potential ability of an adversary to increase its success of recovering each share through horizontal attacks, as argued by Battistello et al [7] and Grosso and Standaert [33]. Nevertheless, it is still possible to relax this dependency by using other multiplication gadgets [1,3,2,8,30,31].…”

Section: Comparison With Related Workmentioning

confidence: 97%

“…This direct approach has gained the reputation of being "not convenient" [8,10] to work with, up to the point that most masking security proofs are now established in much simpler yet unrealistic threat models [34,6,8,9,17], relying on a non-tight reduction from the noisy leakage model to such simpler threat models [25]. As a result, only three previous works tackled masking security proofs through this direct way so far.…”

Section: Provable Security Of Maskingmentioning

confidence: 99%

“…Let L : Y → L be a random function denoting a leakage, and let Y be uniformly distributed over Y. Then, there exists a constant α such that for all random variables G arbitrarily distributed over Y, the following inequality holds true: Theorem 2 introduces an overhead scaling with |Y|, which could decrease the final security level by one or several orders of magnitude (e.g., for the AES, |Y| = 2 8 ). Note that Equation 3 is nearly tight in the general case, in the sense that the range of α is narrow.…”

Section: Theorem 2 (Generic Bound For Non-uniform Secrets [50 P 1360])mentioning

confidence: 99%

See 2 more Smart Citations

Prouff and Rivain’s Formal Security Proof of Masking, Revisited

Masure

Standaert

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Masking is a counter-measure that can be incorporated to software and hardware implementations of block ciphers to provably secure them against side-channel attacks. The security of masking can be proven in different types of threat models. In this paper, we are interested in directly proving the security in the most realistic threat model, the so-called noisy leakage adversary, that captures well how real-world sidechannel adversaries operate. Direct proofs in this leakage model have been established by Prouff & Rivain at Eurocrypt 2013, Dziembowski et al. at Eurocrypt 2015, and Prest et al. at Crypto 2019.These proofs are complementary to each other, in the sense that the weaknesses of one proof are fixed in at least one of the others, and conversely. These weaknesses concerned in particular the strong requirements on the noise level and the security parameter to get meaningful security bounds, and some requirements on the type of adversary covered by the proofi.e., chosen or random plaintexts. This suggested that the drawbacks of each security bound could actually be proof artifacts. In this paper, we solve these issues, by revisiting Prouff & Rivain's approach.

show abstract

Section: Comparison With Related Workmentioning

confidence: 97%

Section: Provable Security Of Maskingmentioning

confidence: 99%

Section: Theorem 2 (Generic Bound For Non-uniform Secrets [50 P 1360])mentioning

confidence: 99%

See 1 more Smart Citation

Prouff and Rivain’s Formal Security Proof of Masking, Revisited

Masure

Standaert

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…VRAPS, an automatic framework algorithm from [23], is a security verification tool that considers the random probing model for the sake of capturing horizontal attacks which exploit full leakage traces. However, this tool only works on small circuits, i.e., proving the security of gadgets.…”

Section: Security Verificationmentioning

confidence: 99%

Circuit Masking: From Theory to Standardization, A Comprehensive Survey for Hardware Security Researchers and Practitioners

Covic,

Ganji,

Forte

2021

Preprint

View full text Add to dashboard Cite

Side-channel attacks extracting sensitive data from implementations have been considered a major threat to the security of cryptographic schemes. This has elevated the need for improved designs by embodying countermeasures, with masking being the most prominent example. To formally verify the security of a masking scheme, numerous attack models have been developed to capture the physical properties of the information leakage as well as the capabilities of the adversary. With regard to these models, extensive research has been performed to realize masking schemes. These research efforts have led to significant progress in the development of security assessment methodologies and further initiated standardization activities. However, since the majority of this work is theoretical, it is challenging for the more practice-oriented hardware security community to fully grasp and contribute to. To bridge the gap, these advancements are reviewed and discussed in this survey, mainly from the perspective of hardware security. In doing so, a clear taxonomy is provided that is helpful for a systematic treatment of the masking-related topics. By giving an extensive overview of the existing methods, this survey (1) provides a research landscape of circuit masking for newcomers to the field, (2) offers guidelines on which attack model and verification tool to choose when designing masking schemes, and (3) identifies interesting new research directions where masking models and assessment tools can be applied. Thus, this survey serves as an essential reference for hardware security practitioners interested in the theory behind masking techniques, the tools useful to verify the security of masked circuits, and their potential applications.

show abstract