Barthe, Gilles [IMDEA Software Institute, Spain]
Dupressoir, François [University of Surrey, UK]
Faust, Sebastian [Ruhr Universität Bochum, Germany]
Grégoire, Benjamin [Inria Sophia-Antipolis – Méditerranée, France]
Standaert, François-Xavier [UCL]
Strub, Pierre-Yves [Ecole Polytechnique, France]
In this paper, we provide a necessary clarification of the security properties that can be obtained from parallel implementations of masking schemes. For this purpose, we first argue that (i) the probing model is not straightforward to interpret, since it more naturally captures the intuitions of serial implementations, and (ii) the noisy leakage model is not always convenient, e.g. when combined with formal methods for the verification of cryptographic implementations. We therefore introduce a new model, the bounded moment model, which formalizes a weaker notion of security order frequently used in the side-channel literature. Interestingly, we prove that probing security for a serial implementation implies bounded moment security for its parallel counterpart. This result enables an accurate understanding of the links between formal security analyses of masking schemes and experimental security evaluations based on the estimation of statistical moments. Besides its consolidating nature, our work also brings useful technical contributions. First, we describe and analyze refreshing and multiplication algorithms that are well suited to parallel implementations and improve security against multivariate side-channel attacks. Second, we show that simple refreshing algorithms (with linear complexity) that are not secure in the continuous probing model are secure in the continuous bounded moment model. Finally, we discuss the independent leakage assumption required for masking to deliver its security promises, and its specificities related to the serial or parallel nature of an implementation.


Bibliographic reference: Barthe, Gilles; Dupressoir, François; Faust, Sebastian; Grégoire, Benjamin; Standaert, François-Xavier; et al. Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model. 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2017) (Paris, France, from 30/04/2017 to 04/05/2017). In: Jean-Sébastien Coron, Jesper Buus Nielsen (eds.), Proceedings of the 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2017), Springer: Trier, 2017, p. 535-566.
Permanent URL: http://hdl.handle.net/2078.1/187166