Abstract
Masking is a well-known countermeasure to protect block cipher implementations against side-channel attacks. The principle is to randomly split every sensitive intermediate variable occurring in the computation into d + 1 shares, where d is called the masking order and plays the role of a security parameter. Although widely used in practice, masking is often considered an empirical solution and its effectiveness is rarely proved. In this paper, we provide a formal security proof for masked implementations of block ciphers. Specifically, we prove that the information gained by observing the leakage from one execution can be made negligible (in the masking order). To obtain this bound, we assume that every elementary calculation in the implementation leaks a noisy function of its input, where the amount of noise can be chosen by the designer (yet linearly bounded). We further assume the existence of a leak-free component that can refresh the masks of shared variables. Our work can be viewed as an extension of the seminal work of Chari et al. published at CRYPTO in 1999 on the soundness of combining masking with noise to thwart side-channel attacks.
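The sharing principle described in the abstract, as an added example (not code from the paper): a sensitive value x is split into d + 1 shares over GF(2)^n by drawing d shares uniformly at random and fixing the last one so that all shares XOR to x, a mask-refresh step re-randomises a sharing without touching x, and an exhaustive enumeration over all mask choices checks that any d shares have a distribution independent of x, while all d + 1 shares together determine it. The function names, the 4-bit toy word size used for the exhaustive check, and the `rng` injection hook are assumptions of this example; the leak-free refresh component the paper assumes is modelled here as plain Python, which on a real device would of course leak.

```python
"""Boolean (XOR) masking of a sensitive value into d+1 shares.

Added example illustrating the masking principle from the abstract; not the
paper's own code. Names, the 4-bit toy word size and the rng hook are assumptions.
"""
import secrets
from collections import Counter
from itertools import combinations, product


def share(x: int, d: int, nbits: int = 8, rng=secrets.randbelow) -> list[int]:
    """Split x into d+1 shares whose XOR equals x.

    rng(n) must return an integer in [0, n); secrets.randbelow is the default
    so that masks come from a cryptographic RNG.
    """
    assert 0 <= x < (1 << nbits), "x does not fit in nbits"
    masks = [rng(1 << nbits) for _ in range(d)]   # d uniformly random shares
    last = x
    for m in masks:
        last ^= m                                  # last share = x XOR all masks
    return masks + [last]


def unshare(shares: list[int]) -> int:
    """Recombine all d+1 shares; the XOR of every share is the original x."""
    x = 0
    for s in shares:
        x ^= s
    return x


def refresh(shares: list[int], nbits: int = 8, rng=secrets.randbelow) -> list[int]:
    """Re-randomise a sharing without changing the shared value.

    A fresh sharing of 0 is XORed share-wise into the existing one. This models
    the mask-refreshing component the abstract assumes to be leak-free (here it
    is ordinary Python and is NOT leak-free on a real device).
    """
    zero_sharing = share(0, len(shares) - 1, nbits, rng)
    return [s ^ z for s, z in zip(shares, zero_sharing)]


def view_distribution(x: int, d: int, subset: tuple[int, ...], nbits: int = 4) -> Counter:
    """Distribution of the selected shares, enumerated over ALL mask choices.

    Returns a Counter mapping tuples of the chosen shares to how often they
    occur; for a fixed x this is the exact (unnormalised) distribution an
    observer of those shares would see.
    """
    dist: Counter = Counter()
    for masks in product(range(1 << nbits), repeat=d):
        it = iter(masks)
        # Inject the enumerated masks in place of random ones.
        shares = share(x, d, nbits, rng=lambda n, it=it: next(it))
        dist[tuple(shares[i] for i in subset)] += 1
    return dist


def any_d_shares_independent_of_x(d: int, nbits: int = 4) -> bool:
    """True iff every subset of d shares has the same distribution for all x.

    This is the property that makes order-d masking sound: an observer who
    learns at most d shares learns nothing about x.
    """
    for subset in combinations(range(d + 1), d):
        reference = view_distribution(0, d, subset, nbits)
        for x in range(1, 1 << nbits):
            if view_distribution(x, d, subset, nbits) != reference:
                return False
    return True


def full_view_distinguishes_x(d: int, nbits: int = 4) -> bool:
    """True iff seeing all d+1 shares yields different distributions for x=0 and x=1."""
    everything = tuple(range(d + 1))
    return view_distribution(0, d, everything, nbits) != view_distribution(1, d, everything, nbits)


if __name__ == "__main__":
    sh = share(0xA5, 3)
    print("shares:", [hex(s) for s in sh], "->", hex(unshare(sh)))
    print("after refresh:", hex(unshare(refresh(sh))))
    print("any 2 of 3 shares independent of x:", any_d_shares_independent_of_x(2))
    print("all 3 shares reveal x:", full_view_distinguishes_x(2))
```

The exhaustive check is what the abstract's security argument rests on before noise is added: with order d, no set of d intermediate shares is correlated with the secret, so an attacker must combine leakage from all d + 1 shares, and the paper's bound then comes from the noise on each of those observations. The example deliberately stops at the sharing itself; modelling the noisy leakage function and bounding the resulting information is the paper's contribution, not something this snippet reproduces.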
References
Blakely, G.: Safeguarding cryptographic keys. In: National Comp. Conf., vol. 48, pp. 313–317. AFIPS Press, New York (1979)
Blömer, J., Guajardo, J., Krummel, V.: Provably Secure Masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004)
Carlet, C., Goubin, L., Prouff, E., Quisquater, M., Rivain, M.: Higher-order masking schemes for s-boxes. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 366–384. Springer, Heidelberg (2012)
Chari, S., Jutla, C., Rao, J., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)
Chari, S., Rao, J., Rohatgi, P.: Template Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)
Clavier, C., Coron, J.-S., Dabbous, N.: Differential Power Analysis in the Presence of Hardware Countermeasures. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 252–263. Springer, Heidelberg (2000)
Coron, J.-S., Kizhvatov, I.: Analysis and Improvement of the Random Delay Countermeasure of CHES 2009. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 95–109. Springer, Heidelberg (2010)
Coron, J.-S., Kocher, P., Naccache, D.: Statistics and secret leakage. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 157–173. Springer, Heidelberg (2001)
Di Crescenzo, G., Lipton, R.J., Walfish, S.: Perfectly Secure Password Protocols in the Bounded Retrieval Model. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 225–244. Springer, Heidelberg (2006)
Dodis, Y., Pietrzak, K.: Leakage-Resilient Pseudorandom Functions and Side-Channel Attacks on Feistel Networks. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 21–40. Springer, Heidelberg (2010)
Dziembowski, S., Faust, S.: Leakage-Resilient Circuits without Computational Assumptions. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 230–247. Springer, Heidelberg (2012)
Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: FOCS, pp. 293–302. IEEE Computer Society (2008)
Faust, S., Kiltz, E., Pietrzak, K., Rothblum, G.N.: Leakage-Resilient Signatures. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 343–360. Springer, Heidelberg (2010)
Faust, S., Rabin, T., Reyzin, L., Tromer, E., Vaikuntanathan, V.: Protecting Circuits from Leakage: the Computationally-Bounded and Noisy Cases. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 135–156. Springer, Heidelberg (2010)
Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)
Genelle, L., Prouff, E., Quisquater, M.: Thwarting higher-order side channel analysis with additive and multiplicative maskings. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 240–255. Springer, Heidelberg (2011)
Goldwasser, S., Rothblum, G.N.: Securing computation against continuous leakage. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 59–79. Springer, Heidelberg (2010)
Goldwasser, S., Rothblum, G.N.: How to Compute in the Presence of Leakage. In: 53rd Annual IEEE Symposium on Foundations of Computer Science – FOCS 2012, pp. 31–40. IEEE Computer Society (2012)
Goubin, L., Patarin, J.: DES and Differential Power Analysis – The Duplication Method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999)
Herbst, C., Oswald, E., Mangard, S.: An AES Smart Card Implementation Resistant to Power Analysis Attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 239–252. Springer, Heidelberg (2006)
Ishai, Y., Sahai, A., Wagner, D.: Private Circuits: Securing Hardware against Probing Attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003)
Juma, A., Vahlis, Y.: Protecting Cryptographic Keys against Continual Leakage. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 41–58. Springer, Heidelberg (2010)
Kiltz, E., Pietrzak, K.: Leakage Resilient ElGamal Encryption. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 595–612. Springer, Heidelberg (2010)
Kocher, P.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Macé, F., Standaert, F.-X., Quisquater, J.-J.: Information Theoretic Evaluation of Side-Channel Resistant Logic Styles. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 427–442. Springer, Heidelberg (2007)
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks – Revealing the Secrets of Smartcards. Springer (2007)
Messerges, T.: Securing the AES Finalists against Power Analysis Attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001)
Micali, S., Reyzin, L.: Physically Observable Cryptography (Extended Abstract). In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 278–296. Springer, Heidelberg (2004)
Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A Side-Channel Analysis Resistant Description of the AES S-box. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 413–423. Springer, Heidelberg (2005)
Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Power and Electromagnetic Analysis: Improved Model, Consequences and Comparisons. Integration 40(1), 52–60 (2007)
Pietrzak, K.: A Leakage-Resilient Mode of Operation. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 462–482. Springer, Heidelberg (2009)
Prouff, E., Roche, T.: Higher-order glitches free implementation of the aes using secure multi-party computation protocols. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 63–78. Springer, Heidelberg (2011)
Rivain, M., Prouff, E.: Provably Secure Higher-Order Masking of AES. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 413–427. Springer, Heidelberg (2010)
Rothblum, G.N.: How to compute under \(\mathcal{AC}^0\) leakage without secure hardware. In: Safavi-Naini, R. (ed.) CRYPTO 2012. LNCS, vol. 7417, pp. 552–569. Springer, Heidelberg (2012)
Schindler, W., Lemke, K., Paar, C.: A Stochastic Model for Differential Side Channel Cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005)
Shamir, A.: How to Share a Secret. Commun. ACM 22(11), 612–613 (1979)
Standaert, F.-X., Archambeau, C.: Using Subspace-Based Template Attacks to Compare and Combine Power and Electromagnetic Information Leakages. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 411–425. Springer, Heidelberg (2008)
Standaert, F.-X., Örs, S.B., Preneel, B.: Power Analysis of an FPGA: Implementation of Rijndael: Is Pipelining a DPA Countermeasure? In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 30–44. Springer, Heidelberg (2004)
Standaert, F.-X., Pereira, O., Yu, Y., Quisquater, J.-J., Yung, M., Oswald, E.: Leakage resilient cryptography in practice. Cryptology ePrint Archive, Report 2009/341 (2009), http://eprint.iacr.org/
Tiri, K., Verbauwhede, I.: A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. In: Design, Automation and Test in Europe Conference and Exposition – DATE 2004, pp. 246–251. IEEE Computer Society (2004)
Yu, Y., Standaert, F.-X., Pereira, O., Yung, M.: Practical leakage-resilient pseudorandom generators. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security – CCS 2010, pp. 141–151 (2010)
Copyright information
© 2013 International Association for Cryptologic Research
About this paper
Cite this paper
Prouff, E., Rivain, M. (2013). Masking against Side-Channel Attacks: A Formal Security Proof. In: Johansson, T., Nguyen, P.Q. (eds) Advances in Cryptology – EUROCRYPT 2013. EUROCRYPT 2013. Lecture Notes in Computer Science, vol 7881. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38348-9_9
DOI: https://doi.org/10.1007/978-3-642-38348-9_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38347-2
Online ISBN: 978-3-642-38348-9
eBook Packages: Computer Science (R0)