Threshold Implementations in the Robust Probing Model

Advances in Cryptology – ASIACRYPT 2020

Zhang

2020

Self Cite

A new approach to the security analysis of hardware-oriented masked ciphers against second-order side-channel attacks is developed. By relying on techniques from symmetric-key cryptanalysis, concrete security bounds are obtained in a variant of the probing model that allows the adversary to make only a bounded, but possibly very large, number of measurements. Specifically, it is formally shown how a boundedquery variant of robust probing security can be reduced to the linear cryptanalysis of masked ciphers. As a result, the compositional issues of higher-order threshold implementations can be overcome without relying on fresh randomness. From a practical point of view, the aforementioned approach makes it possible to transfer many of the desirable properties of first-order threshold implementations, such as their low randomness usage, to the second-order setting. For example, a straightforward application to the block cipher LED results in a masking using less than 700 random bits including the initial sharing. In addition, the cryptanalytic approach introduced in this paper provides additional insight into the design of masked ciphers and allows for a quantifiable trade-off between security and performance.

Section: Boolean Masking and Threshold Implementationsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Cryptanalysis of Masked Ciphers: A Not So Random Idea

Beyne

Advances in Cryptology – ASIACRYPT 2020

Zhang

2020

Self Cite

“…Figure 3: Schematic illustration of a threshold implementation assuming an equal number of input and output shares [11].…”

Section: Boolean Masking and Threshold Implementationsmentioning

confidence: 99%

Guarding the First Order: The Rise of AES Maskings

Askeland

Lecture Notes in Computer Science

Nikova

et al. 2023

Self Cite

We provide three first-order hardware maskings of the AES, each allowing for a different trade-off between the number of shares and the number of register stages. All maskings use a generalization of the changing of the guards method enabling the re-use of randomness between masked S-boxes. As a result, the maskings do not require fresh randomness while still allowing for a minimal number of shares and providing provable security in the glitch-extended probing model. The low-area variant has five cycles of latency and a serialized area cost of 8.13 kGE. The low-latency variant reduces the latency to three cycles while increasing the serialized area by 67.89% compared to the low-area variant. The maskings of the AES encryption are implemented on FPGA and evaluated with Test Vector Leakage Assessment (TVLA).

“…If all layers of a Threshold Implementation adhere to the above properties, the resulting shared circuit can be proven secure in the first-order probing model considering glitches, which is the security model defined further on [8]. In the higher-order setting, the situation is more complicated.…”

Section: Encodermentioning

confidence: 99%

Resilient uniformity: applying resiliency in masking

Nikova

2021

Cryptogr. Commun.

Self Cite

Threshold Implementations are known countermeasures defending against side-channel attacks via the use of masking techniques. While sufficient properties are known to defend against first-order sidechannel attacks, it is not known how to achieve higher-order security. This work generalizes the Threshold Implementation notion of uniformity and proves it achieves second-order protection. The notion is applied to create a second-order masking of the Present cipher with a low randomness cost.