Skip to main content
View expanded cover

International Conference on Smart Card Research and Advanced Applications

CARDIS 2017: Smart Card Research and Advanced Applications pp 123–141Cite as

Connecting and Improving Direct Sum Masking and Inner Product Masking

Part of the Lecture Notes in Computer Science book series (LNSC,volume 10728)

Abstract

Direct Sum Masking (DSM) and Inner Product (IP) masking are two types of countermeasures that have been introduced as alternatives to simpler (e.g., additive) masking schemes to protect cryptographic implementations against side-channel analysis. In this paper, we first show that IP masking can be written as a particular case of DSM. We then analyze the improved security properties that these (more complex) encodings can provide over Boolean masking. For this purpose, we introduce a slight variation of the probing model, which allows us to provide a simple explanation to the “security order amplification” for such masking schemes that was put forward at CARDIS 2016. We then use our model to search for new instances of masking schemes that optimize this security order amplification. We finally discuss the relevance of this security order amplification (and its underlying assumption of linear leakages) based on an experimental case study.

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-75208-2_8
  • Chapter length: 19 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   54.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-75208-2
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   72.00
Price excludes VAT (USA)
Learn about institutional subscriptions
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.

Notes

  1. 1.

    Note that the inductive search allows us to find good linear codes with relatively large minimum distance rather quickly. For instance, we can easily obtain a desired [72, 8, 30] linear code by the inductive search with the code length 8n increasing by 16 gradually from 24 to 72. The gap \(\varDelta \) here is only \(-2\). This task takes less than 2 min when using the online Magma calculator, while it is almost intractable by the other two approaches even running on a powerful local Magma server.

  2. 2.

    http://www.atmel.com/tools/SAM4C-EK.aspx.

References

  1. Balasch, J., Faust, S., Gierlichs, B.: Inner product masking revisited. In: Oswald, E., Fischlin, M. (eds.) [30], pp. 486–510. Springer, Heidelberg (2015)

    Google Scholar 

  2. Balasch, J., Faust, S., Gierlichs, B., Verbauwhede, I.: Theory and practice of a leakage resilient masking scheme. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 758–775. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_45

    CrossRef  Google Scholar 

  3. Barthe, G., Dupressoir, F., Faust, S., Grégoire, B., Standaert, F.-X., Strub, P.-Y.: Parallel implementations of masking schemes and the bounded moment leakage model. In: Coron, J.-S., Nielsen, J.B. (eds.) [11], pp. 535–566. Springer, Cham (2017)

    Google Scholar 

  4. Bouyukliev, I., Jaffe, D.B., Vavrek, V.: The smallest length of eight-dimensional binary linear codes with prescribed minimum distance. IEEE Trans. Inf. Theor. 46(4), 1539–1544 (2000)

    MathSciNet  CrossRef  MATH  Google Scholar 

  5. Bringer, J., Carlet, C., Chabanne, H., Guilley, S., Maghrebi, H.: Orthogonal direct sum masking - a smartcard friendly computation paradigm in a code, with builtin protection against side-channel and fault attacks. In: Naccache, D., Sauveron, D. (eds.) WISTP 2014. LNCS, vol. 8501, pp. 40–56. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43826-8_4

    Google Scholar 

  6. Carlet, C., Danger, J.-L., Guilley, S., Maghrebi, H.: Leakage squeezing of order two. In: Galbraith, S.D., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 120–139. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34931-7_8

    CrossRef  Google Scholar 

  7. Carlet, C., Danger, J.-L., Guilley, S., Maghrebi, H.: Leakage squeezing: optimal implementation and security evaluation. J. Math. Cryptol. 8(3), 249–295 (2014)

    MathSciNet  CrossRef  MATH  Google Scholar 

  8. Carlet, C., Danger, J.-L., Guilley, S., Maghrebi, H., Prouff, E.: Achieving side-channel high-order correlation immunity with leakage squeezing. J. Cryptogr. Eng. 4(2), 107–121 (2014)

    CrossRef  Google Scholar 

  9. Carlet, C., Guilley, S.: Complementary dual codes for counter-measures to side-channel attacks. Adv. Math. Commun. 10(1), 131–150 (2016)

    MathSciNet  CrossRef  MATH  Google Scholar 

  10. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_26

    CrossRef  Google Scholar 

  11. Coron, J.-S., Nielsen, J.B. (eds.): EUROCRYPT 2017. LNCS, vol. 10210. Springer, Cham (2017)

    Google Scholar 

  12. Coron, J.-S., Prouff, E., Rivain, M., Roche, T.: Higher-order side channel security and mask refreshing. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 410–424. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43933-3_21

    Google Scholar 

  13. Duc, A., Dziembowski, S., Faust, S.: Unifying leakage models: from probing attacks to noisy leakage. In: Nguyen, P.Q., Oswald, E. (eds.) [29], pp. 423–440. Springer, Heidelberg (2014)

    Google Scholar 

  14. Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete - or how to evaluate the security of any leaking device. In: Oswald, E., Fischlin, M. (eds.) [30], pp. 401–429. Springer, Heidelberg (2015)

    Google Scholar 

  15. Durvaux, F., Standaert, F.-X.: From improved leakage detection to the detection of points of interests in leakage traces. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 240–262. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_10

    CrossRef  Google Scholar 

  16. Durvaux, F., Standaert, F.-X., Veyrat-Charvillon, N.: How to certify the leakage of a chip? In: Nguyen, P.Q., Oswald, E. (eds.) [29], pp. 459–476. Springer, Heidelberg (2014)

    Google Scholar 

  17. Dziembowski, S., Faust, S.: Leakage-resilient cryptography from the inner-product extractor. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 702–721. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0_38

    CrossRef  Google Scholar 

  18. Fumaroli, G., Martinelli, A., Prouff, E., Rivain, M.: Affine masking against higher-order side channel analysis. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 262–280. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19574-7_18

    CrossRef  Google Scholar 

  19. Genelle, L., Prouff, E., Quisquater, M.: Thwarting higher-order side channel analysis with additive and multiplicative maskings. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 240–255. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_16

    CrossRef  Google Scholar 

  20. Golić, J.D., Tymen, C.: Multiplicative masking and power analysis of AES. In: Kaliski Jr., B.S., Koç, C.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 198–212. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36400-5_16

    CrossRef  Google Scholar 

  21. Goubin, L., Martinelli, A.: Protecting AES with Shamir’s secret sharing scheme. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 79–94. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_6

    CrossRef  Google Scholar 

  22. Goudarzi, D., Rivain, M.: How fast can higher-order masking be in software? In: Coron, J.S., Nielsen, J. (eds.) [11], pp. 567–597. Springer, Cham (2017)

    Google Scholar 

  23. Grassl, M.: Tables of linear codes and quantum codes (2015). http://www.codetables.de/. Accessed 25 Apr 2017

  24. Griesmer, J.H.: A bound for error-correcting codes. IBM J. Res. Dev. 4(5), 532–542 (1960)

    MathSciNet  CrossRef  MATH  Google Scholar 

  25. Grosso, V., Prouff, E., Standaert, F.-X.: Efficient masked S-boxes processing – a step forward –. In: Pointcheval, D., Vergnaud, D. (eds.) AFRICACRYPT 2014. LNCS, vol. 8469, pp. 251–266. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-06734-6_16

    CrossRef  Google Scholar 

  26. Grosso, V., Standaert, F.-X., Prouff, E.: Low entropy masking schemes, revisited. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 33–43. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08302-5_3

    Google Scholar 

  27. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_27

    CrossRef  Google Scholar 

  28. Lidl, R., Niederreiter, H.: Finite Fields. Encyclopedia of Mathematics and its Applications. Advanced Book Program/World Science Division. Addison-Wesley Publishing Company, Boston (1983)

    MATH  Google Scholar 

  29. Nguyen, P.Q., Oswald, E. (eds.): EUROCRYPT 2014. LNCS, vol. 8441. Springer, Heidelberg (2014)

    Google Scholar 

  30. Oswald, E., Fischlin, M. (eds.): EUROCRYPT 2015. LNCS, vol. 9056. Springer, Heidelberg (2015)

    Google Scholar 

  31. Prouff, E., Rivain, M.: Masking against side-channel attacks: a formal security proof. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 142–159. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_9

    CrossRef  Google Scholar 

  32. Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 413–427. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15031-9_28

    CrossRef  Google Scholar 

  33. Roche, T., Prouff, E.: Higher-order glitch free implementation of the AES using secure multi-party computation protocols - extended version. J. Cryptogr. Eng. 2(2), 111–127 (2012)

    CrossRef  Google Scholar 

  34. Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005). https://doi.org/10.1007/11545262_3

    CrossRef  Google Scholar 

  35. Schneider, T., Moradi, A.: Leakage assessment methodology - extended version. J. Cryptogr. Eng. 6(2), 85–99 (2016)

    CrossRef  Google Scholar 

  36. Standaert, F.-X.: How (not) to use welch’s t-test in side-channel security evaluations. IACR Cryptology ePrint Archive, 2017, p. 138 (2017)

    Google Scholar 

  37. van Tilborg Henk, C.A.: The smallest length of binary 7-dimensional linear codes with prescribed minimum distance. Discrete Math. 33(2), 197–207 (1981)

    MathSciNet  CrossRef  MATH  Google Scholar 

  38. Wang, W., Standaert, F.-X., Yu, Y., Pu, S., Liu, J., Guo, Z., Gu, D.: Inner product masking for bitslice ciphers and security order amplification for linear leakages. In: Lemke-Rust, K., Tunstall, M. (eds.) CARDIS 2016. LNCS, vol. 10146, pp. 174–191. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54669-8_11

    CrossRef  Google Scholar 

Download references

Acknowledgements

François-Xavier Standaert is a research associate of the Belgian Fund for Scientific Research. This work has been funded in parts by the European Commission through the H2020 project 731591 (acronym REASSURE), the CHIST-ERA project SECODE and the ERC project 724725 (acronym SWORD).

Author information

Authors and Affiliations

  1. ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Louvain-la-Neuve, Belgium

    Romain Poussier, Qian Guo & François-Xavier Standaert

  2. LAGA, CNRS, Univ. Paris VIII and Paris XIII, Paris, France

    Claude Carlet

  3. Secure-IC S.A.S, TELECOM-ParisTech, Crypto Group, Paris-Saclay University, CNRS, Paris, France

    Sylvain Guilley

Authors
  1. Romain Poussier
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qian Guo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. François-Xavier Standaert
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Claude Carlet
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Sylvain Guilley
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Romain Poussier .

Editor information

Editors and Affiliations

  1. University of Lübeck and WPI, Lübeck, Germany

    Thomas Eisenbarth

  2. Gemalto, La Ciotat, France

    Yannick Teglia

Rights and permissions

Reprints and Permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Poussier, R., Guo, Q., Standaert, FX., Carlet, C., Guilley, S. (2018). Connecting and Improving Direct Sum Masking and Inner Product Masking. In: Eisenbarth, T., Teglia, Y. (eds) Smart Card Research and Advanced Applications. CARDIS 2017. Lecture Notes in Computer Science(), vol 10728. Springer, Cham. https://doi.org/10.1007/978-3-319-75208-2_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-75208-2_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-75207-5

  • Online ISBN: 978-3-319-75208-2

  • eBook Packages: Computer ScienceComputer Science (R0)