Designers of masking schemes are usually torn between the contradicting goals of maximizing the security gains while minimizing the performance overheads. Boolean masking is one extreme example of this tradeoff: its algebraic structure is as simple as can be (and so are its implementations), but it typically suffers more from implementation weaknesses. For example, knowing one bit of each share is enough to know one bit of the secret in this case. Inner product masking lies at the other side of this tradeoff: its algebraic structure is more involved, making it more expensive to implement (especially at higher orders), but it ensures stronger security guarantees. For example, knowing one bit of each share is not enough to know one bit of the secret in this case. In this paper, we try to combine the best of these two worlds, and propose a new masking scheme mixing a single Boolean matrix product (to improve the algebraic complexity of the scheme) with standard additive Boolean masking (to allow efficient higher-order implementations). We show that such a masking is well suited for application to bitslice ciphers. We also conduct a comprehensive security analysis of the proposed scheme. For this purpose, we give a security proof in the probing model, and carry out an information leakage evaluation of an idealized implementation. For certain leakage functions, the latter exhibits surprising observations, namely information leakages in higher statistical moments than guaranteed by the proof in the probing model, which we can connect to the recent literature on low entropy masking schemes. We conclude the paper with a performance evaluation, which confirms that both for security and performance reasons, our new masking scheme (which can be viewed as a variation of inner product masking) compares favorably to state-of-the-art masking schemes for bitslice ciphers.
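The one-bit-per-share observation in the abstract can be checked exhaustively on a toy bit width. The following is an added example, not code from the paper: it compares plain additive Boolean masking against a share equation in which one share passes through a public invertible GF(2) matrix product before being XORed with the remaining additive shares. That share equation, the 4-bit width and the matrix `A` are assumptions chosen for illustration and are not claimed to be the paper's exact construction. The check enumerates every share tuple and every choice of one bit index per share and reports which secret bits are fully determined by the observed bits; it says nothing about the probing-model or higher-moment results the paper proves.

```python
"""Added example: does one bit of every share determine a bit of the secret?

Compares additive Boolean masking with an illustrative scheme that mixes a
single Boolean (GF(2)) matrix product into the share equation.  Not the
paper's code; the share equation and the matrix A are assumptions.
"""
import itertools
import secrets

N = 4                      # bit width, kept small so the check is exhaustive
MASK = (1 << N) - 1

# Public, invertible 4x4 binary matrix over GF(2), stored row-wise as ints
# (bit j of row i is A[i][j]).  Constructed for this example: every row has
# Hamming weight >= 2, so each output bit mixes at least two input bits.
A = [0b1100, 0b0110, 0b0011, 0b1011]


def gf2_matvec(rows, v):
    """Multiply the binary matrix `rows` by the bit vector `v` over GF(2)."""
    out = 0
    for i, row in enumerate(rows):
        out |= (bin(row & v).count("1") & 1) << i   # parity of row AND v
    return out


def matrix_is_invertible(rows):
    """A is invertible iff v -> A*v is injective on all 2^N inputs."""
    return len({gf2_matvec(rows, v) for v in range(1 << N)}) == (1 << N)


def boolean_mask(x, d):
    """Standard additive Boolean masking: x = s_1 xor ... xor s_d."""
    shares = [secrets.randbelow(1 << N) for _ in range(d - 1)]
    last = x & MASK
    for s in shares:
        last ^= s
    return shares + [last]


def boolean_unmask(shares):
    x = 0
    for s in shares:
        x ^= s
    return x


def matrix_unmask(shares):
    """Illustrative share equation (assumption, not the paper's construction):
    x = s_1 xor A*s_2 xor s_3 xor ... xor s_d."""
    x = shares[0] ^ gf2_matvec(A, shares[1])
    for s in shares[2:]:
        x ^= s
    return x


def matrix_mask(x, d):
    """Draw s_2..s_d at random and solve the share equation for s_1."""
    rest = [secrets.randbelow(1 << N) for _ in range(d - 1)]
    first = (x & MASK) ^ gf2_matvec(A, rest[0])
    for s in rest[1:]:
        first ^= s
    return [first] + rest


def determined_bit_combinations(unmask, d):
    """Exhaustively enumerate all d-tuples of shares and all choices of one
    bit index per share.  Return the (secret_bit, bit_indices) pairs for
    which the observed share bits fix that secret bit, i.e. the cases where
    one bit of each share is enough to learn one bit of the secret."""
    found = []
    all_shares = list(itertools.product(range(1 << N), repeat=d))
    for j in range(N):
        for idx in itertools.product(range(N), repeat=d):
            seen = {}  # observed bit tuple -> set of secret-bit values
            for shares in all_shares:
                obs = tuple((s >> k) & 1 for s, k in zip(shares, idx))
                seen.setdefault(obs, set()).add((unmask(list(shares)) >> j) & 1)
            if all(len(vals) == 1 for vals in seen.values()):
                found.append((j, idx))
    return found


def main():
    assert matrix_is_invertible(A)
    x = 0b1011
    for name, mask, unmask in (("boolean", boolean_mask, boolean_unmask),
                               ("matrix", matrix_mask, matrix_unmask)):
        shares = mask(x, 3)
        assert unmask(shares) == x
        leaks = determined_bit_combinations(unmask, 2)
        print(f"{name:8s} shares={shares} determined (secret_bit, share_bits)={leaks}")


if __name__ == "__main__":
    main()
```

With `d = 2` the Boolean scheme reports exactly one determining choice per secret bit (bit j of both shares), while the matrix-mixed scheme reports none, because bit j of `A*s_2` is the parity of at least two bits of `s_2`. Raising `d` to 3 in `determined_bit_combinations` gives the same qualitative result at a cost of about a million unmask calls.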
Conference paper – oral presentation with selection committee
Access type
Open access
Publication date
2016
Language
English
Conference
"15th International Conference on Smart Card Research and Advanced Applications (CARDIS 2016)", Cannes (France) (07/11/2016 to 09/11/2016)
Peer reviewed
yes
Host document
Kerstin Lemke-Rust, Michael Tunstall; "Proceedings of the 15th International Conference on Smart Card Research and Advanced Applications (CARDIS 2016)", p. 174-191 (ISBN: 978-3-319-54668-1)
Bibliographic reference
Wang, Weijia; Standaert, François-Xavier; Yu, Yu; Pu, Sihang; Liu, Junrong; et al. Inner Product Masking for Bitslice Ciphers and Security Order Amplification for Linear Leakages. 15th International Conference on Smart Card Research and Advanced Applications (CARDIS 2016) (Cannes (France), 07/11/2016 to 09/11/2016). In: Kerstin Lemke-Rust, Michael Tunstall, Proceedings of the 15th International Conference on Smart Card Research and Advanced Applications (CARDIS 2016), Springer, Trier, 2016, p. 174-191