Physical Security Versus Masking Schemes

  • Jean-Luc Danger
  • Sylvain Guilley
  • Annelie Heuser
  • Axel Legay
  • Tang Ming
Chapter

Abstract

Numerous masking schemes have been designed as provable countermeasures against side-channel attacks. However, currently, several side-channel attack models coexist, such as “probing” and “bounded moment” models, at bit or word levels. From a defensive standpoint, it is thus unclear which protection strategy is the most relevant to adopt.

In this survey article, we review adversarial hypotheses and challenge masking schemes with respect to practical attacks. With a view to explaining in a pedagogical way how to secure implementations, we highlight the key aspects to be considered when implementing a masking scheme.

Notes

Acknowledgements

This work was supported in part by the National Natural Science Foundation of China under Grant (61472292, 61332019) and by the key technology research of new-generation high-speed and high-level security chip for smart grid (526816160015).

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Jean-Luc Danger (1, 2)
  • Sylvain Guilley (1, 3, 4)
  • Annelie Heuser (5)
  • Axel Legay (6)
  • Tang Ming (7)

  1. Télécom ParisTech, Paris, France
  2. Secure-IC S.A.S., Cesson-Sévigné, France
  3. Secure-IC, Paris, France
  4. École normale supérieure, Paris, France
  5. CNRS, IRISA, Rennes, France
  6. INRIA, IRISA, Rennes, France
  7. Wuhan University, Wuhan, China