Skip to main content
Book cover

International Conference on Security, Privacy, and Applied Cryptography Engineering

SPACE 2013: Security, Privacy, and Applied Cryptography Engineering pp 95–110Cite as

Algorithms for Switching between Boolean and Arithmetic Masking of Second Order

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 8204)

Abstract

Masking is a widely-used countermeasure to thwart Differential Power Analysis (DPA) attacks, which, depending on the involved operations, can be either Boolean, arithmetic, or multiplicative. When used to protect a cryptographic algorithm that performs both Boolean and arithmetic operations, it is necessary to change the masks from one form to the other in order to be able to unmask the secret value at the end of the algorithm. To date, known techniques for conversion between Boolean and arithmetic masking can only resist first-order DPA. This paper presents the first solution to the problem of converting between Boolean and arithmetic masking of second order. To set the context, we show that a straightforward extension of first-order conversion schemes to second order is not possible. Then, we introduce two algorithms to convert from Boolean to arithmetic masking based on the second-order provably secure S-box output computation method proposed by Rivain et al (FSE 2008). The same can be used to obtain second-order secure arithmetic to Boolean masking. We prove the security of our conversion algorithms using similar arguments as Rivain et al. Finally, we provide implementation results of the algorithms on three different platforms.

Keywords

  • Differential power analysis
  • Second-order DPA
  • Arithmetic masking
  • Boolean Masking
  • Provably secure masking

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-642-41224-0_8
  • Chapter length: 16 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   39.99
Price excludes VAT (USA)
  • ISBN: 978-3-642-41224-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   54.99
Price excludes VAT (USA)
Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side-channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  2. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)

    CrossRef  Google Scholar 

  3. Coron, J.-S., Giraud, C., Prouff, E., Renner, S., Rivain, M., Vadnala, P.K.: Conversion of security proofs from one leakage model to another: A new issue. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 69–81. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  4. Coron, J.-S., Goubin, L.: On boolean and arithmetic masking against differential power analysis. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 231–237. Springer, Heidelberg (2000)

    CrossRef  Google Scholar 

  5. Coron, J.-S., Tchulkine, A.: A new algorithm for switching from arithmetic to boolean masking. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 89–97. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  6. Debraize, B.: Efficient and provably secure methods for switching from arithmetic to boolean masking. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 107–121. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  7. Genelle, L., Prouff, E., Quisquater, M.: Secure multiplicative masking of power functions. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 200–217. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  8. Genelle, L., Prouff, E., Quisquater, M.: Montgomery’s trick and fast implementation of masked AES. In: Nitaj, A., Pointcheval, D. (eds.) AFRICACRYPT 2011. LNCS, vol. 6737, pp. 153–169. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  9. Genelle, L., Prouff, E., Quisquater, M.: Thwarting higher-order side channel analysis with additive and multiplicative maskings. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 240–255. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  10. Goubin, L.: A sound method for switching between boolean and arithmetic masking. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 3–15. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  11. Handschuh, H., Heys, H.M.: A timing attack on RC5. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 306–318. Springer, Heidelberg (1999)

    CrossRef  Google Scholar 

  12. Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side channel cryptanalysis of product ciphers. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol. 1485, pp. 97–110. Springer, Heidelberg (1998)

    CrossRef  Google Scholar 

  13. Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  14. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    CrossRef  Google Scholar 

  15. Mangard, S., Oswald, M.E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards, vol. 54, pp. 1–337. Springer (2007)

    Google Scholar 

  16. Messerges, T.S.: Using second-order power analysis to attack DPA resistant software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)

    CrossRef  Google Scholar 

  17. Messerges, T.S.: Securing the AES finalists against power analysis attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  18. Neiße, O., Pulkus, J.: Switching blindings with a view towards IDEA. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 230–239. Springer, Heidelberg (2004)

    CrossRef  Google Scholar 

  19. Oswald, E., Mangard, S., Herbst, C., Tillich, S.: Practical second-order DPA attacks for masked smart card implementations of block ciphers. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 192–207. Springer, Heidelberg (2006), http://dx.doi.org/10.1007/11605805_13

    CrossRef  Google Scholar 

  20. Pan, J., Hartog, J.I., Lu, J.: You cannot hide behind the mask: Power analysis on a provably secure s-box implementation. In: Youm, H.Y., Yung, M. (eds.) WISA 2009. LNCS, vol. 5932, pp. 178–192. Springer, Heidelberg (2009), http://dx.doi.org/10.1007/978-3-642-10838-9_14

    CrossRef  Google Scholar 

  21. Rivain, M., Dottax, E., Prouff, E.: Block ciphers implementations provably secure against second order side channel analysis. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 127–143. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  22. Tunstall, M., Whitnall, C., Oswald, E.: Masking tables—an underestimated security risk. In: Moriai, S. (ed.) Fast Software Encryption, 20th International Workshop, FSE 2013, Singapore, March 10-13. LNCS, Springer (2013) (Revised Selected Papers)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Laboratory of Algorithmics, Cryptology and Security (LACS), University of Luxembourg, 6, rue Richard Coudenhove-Kalergi, 1359, Luxembourg, Luxembourg

    Praveen Kumar Vadnala & Johann Großschädl

Authors
  1. Praveen Kumar Vadnala
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Johann Großschädl
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. ESAT/SCD-COSIC, KU Leuven, Kasteelpark Arenberg 10, 3001, Heverlee, Belgium

    Benedikt Gierlichs

  2. COMELEC Department, Crypto Group (SEN), 46 rue Barrault, Institut MINES-TELECOM, TELECOM-ParisTech, CNRS LTCI, 75013, Paris, France

    Sylvain Guilley

  3. Department of Computer Science and Engineering, Indian Institute of Technology, 721302, Kharagpur, India

    Debdeep Mukhopadhyay

Rights and permissions

Reprints and Permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vadnala, P.K., Großschädl, J. (2013). Algorithms for Switching between Boolean and Arithmetic Masking of Second Order. In: Gierlichs, B., Guilley, S., Mukhopadhyay, D. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2013. Lecture Notes in Computer Science, vol 8204. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41224-0_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-41224-0_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41223-3

  • Online ISBN: 978-3-642-41224-0

  • eBook Packages: Computer ScienceComputer Science (R0)