On the Duality of Probing and Fault Attacks

Abstract

In this work we investigate the problem of simultaneous privacy and integrity protection in cryptographic circuits. We consider a white-box scenario with a powerful, yet limited attacker. A concise metric for the level of probing and fault security is introduced, which is directly related to the capabilities of a realistic attacker. In order to investigate the interrelation of probing and fault security we introduce a common mathematical framework based on the formalism of information and coding theory. The framework unifies the known linear masking schemes. We proof a central theorem about the properties of linear codes which leads to optimal secret sharing schemes. These schemes provide the lower bound for the number of masks needed to counteract an attacker with a given strength. The new formalism reveals an intriguing duality principle between the problems of probing and fault security, and provides a unified view on privacy and integrity protection using error detecting codes. Finally, we introduce a new class of linear tamper-resistant codes. These are eligible to preserve security against an attacker mounting simultaneous probing and fault attacks.

Appendices

Appendix A: Example for OPS(7,4;2) Masking Scheme

A number of s = 3 mask bits provides probing security PS(2) for data words of length k = 4. The canonical probing matrix in the OPS(7,4;2) masking scheme is a [7, 4, 3] Hamming code.

$$ \mathbf{P}^2_{3,7}= \left(\begin{array}{cccc|ccc} 1 & 1 & 0 & 1 & 1 & 0 & 0 \\ 1 & 0 & 1 & 1 & 0 & 1 & 0 \\ 0 & 1 & 1 & 1 & 0 & 0 & 1 \end{array}\right). $$

(7)

In explicit terms, the corresponding generator matrix (2) induces the masking scheme

$$\begin{array}{lll} &&{\kern-6pt} \big(x_1,\dots,x_4, m_1,m_2,m_3\big)\\ & &\mapsto \big(x_1+m_1+m_2,x_2+m_1+m_3, x_3+m_2+m_3,\\ && \phantom{\mapsto \big(} x_4+m_1+m_2+m_3, m_1,m_2,m_3\big). \end{array}$$

Appendix B: Example for OPS(16,11;3) Masking Scheme

A number of s = 5 mask bits can provide probing security PS(3) for data words of length k = 11. The canonical probing matrix in the OPS(16,11;3) masking scheme is a [16, 11, 4] Hsiao code [11].

$$ \mathbf{P}^3_{5,16} = \left(\begin{array}{ccccccccccc|ccccc} 1 & 1 & 1 & 1 & 1 & 1 & 0 & 0 & 0 & 0 & 1 & 1 & 0 & 0 & 0 & 0 \\ 1 & 1 & 1 & 0 & 0 & 0 & 1 & 1 & 1 & 0 & 1 & 0 & 1 & 0 & 0 & 0 \\ 1 & 0 & 0 & 1 & 1 & 0 & 1 & 1 & 0 & 1 & 1 & 0 & 0 & 1 & 0 & 0 \\ 0 & 1 & 0 & 1 & 0 & 1 & 1 & 0 & 1 & 1 & 1 & 0 & 0 & 0 & 1 & 0 \\ 0 & 0 & 1 & 0 & 1 & 1 & 0 & 1 & 1 & 1 & 1 & 0 & 0 & 0 & 0 & 1 \end{array}\right). $$

(8)

Appendix C: Example for OPS(17,9;4) Masking Scheme

The [17, 9, 5] quadratic residue code, cf. [15], generates an OPS(17,9;4) masking scheme. Using the generator polynomial x ⁸ + x ⁵ + x ⁴ + x ³ + 1 the following canonical probing matrix is obtained.

$$ \mathbf{P}^4_{9,17} = \left(\begin{array}{ccccccccc|cccccccc} 1 & 0 & 0 & 1 & 1 & 1 & 1 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 \\ 0 & 1 & 0 & 0 & 1 & 1 & 1 & 1 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 \\ 0 & 0 & 1 & 0 & 0 & 1 & 1 & 1 & 1 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 \\ 1 & 0 & 0 & 0 & 1 & 1 & 0 & 1 & 1 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 \\ 1 & 1 & 0 & 1 & 1 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 1 & 0 & 0 & 0 \\ 1 & 1 & 1 & 1 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & 0 & 0 \\ 0 & 1 & 1 & 1 & 1 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & 0 \\ 0 & 0 & 1 & 1 & 1 & 1 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 \end{array}\right). $$

(9)

Appendix D: Example for OTR(7,4,1;2,2) Tamper Resistant Code

To achieve a forcing security of order 2, FRS(2), we start with the parity check matrix of a [7, 4, 3] Hamming code. The distance of this code is d _min = 3 and the number of redundancy bits is r = n − k = 3.

$$ \mathbf{H} = \left(\begin{array}{cccc|ccc} 1 & 1 & 0 & 1 & 1 & 0 & 0 \\ 1 & 0 & 1 & 1 & 0 & 1 & 0 \\ 0 & 1 & 1 & 1 & 0 & 0 & 1 \end{array}\right). $$

(10)

As given by Table 1 a number of s = 3 masks bits is required to achieve PS(2) for an OPS code of length n = 7. Hence a maximum of j = k − s = 1 information bits can be protected. The canonical generator matrix can be easily constructed by applying elementary row operations:

$$ \mathbf{G} = \left(\begin{array}{c|ccc|ccc} 1 & 0 & 0 & 0 & 1 & 1 & 0 \\ \hline 1 & 1 & 0 & 0 & 0 & 1 & 1 \\ 1 & 0 & 1 & 0 & 1 & 0 & 1 \\ 0 & 0 & 0 & 1 & 1 & 1 & 1 \end{array}\right). $$

(11)

It is immediate that any two columns in the probing matrix (lower part of G) are linearly independent. Hence this OTR code is PS(2).

Appendix E: Example for OTR(16,11,6;3,3) Tamper Resistant Code

In this nontrivial example we use a minimum weight Hsiao code (d _min = 4) of length n = 16 and dimension k = 11 as a starting point to achieve FRS(3),

$$ \mathbf{H} = \left(\begin{array}{ccccccccccc|ccccc} 1 & 1 & 1 & 1 & 1 & 1 & 0 & 0 & 0 & 0 & 1 & 1 & 0 & 0 & 0 & 0\\ 1 & 1 & 1 & 0 & 0 & 0 & 1 & 1 & 1 & 0 & 1 & 0 & 1 & 0 & 0 & 0\\ 1 & 0 & 0 & 1 & 1 & 0 & 1 & 1 & 0 & 1 & 1 & 0 & 0 & 1 & 0 & 0\\ 0 & 1 & 0 & 1 & 0 & 1 & 1 & 0 & 1 & 1 & 1 & 0 & 0 & 0 & 1 & 0\\ 0 & 0 & 1 & 0 & 1 & 1 & 0 & 1 & 1 & 1 & 1 & 0 & 0 & 0 & 0 & 1 \end{array}\right). $$

(12)

From Table 1 we see that s = 5 masks are necessary to secure n = 16 bits against a probing attack of order 3. Applying elementary row operations the generator matrix of an equivalent PS(3)-secure code can be constructed:

$$ \mathbf{G} = \left(\begin{array}{cccccc|ccccc|ccccc} 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & 1 & 1 & 0 & 0 \\ 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & 1 & 0 & 1 & 0 \\ 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & 1 & 0 & 0 & 1 \\ 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & 0 & 1 & 1 & 0 \\ 0 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & 0 & 1 & 0 & 1 \\ 0 & 0 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & 1 & 0 & 0 & 1 & 1 \\ \hline 1 & 1 & 1 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 0 & 1 & 0 & 0 & 1 & 0 \\ 1 & 0 & 1 & 0 & 0 & 1 & 0 & 1 & 0 & 0 & 0 & 1 & 1 & 0 & 1 & 1 \\ 1 & 0 & 0 & 1 & 1 & 1 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & 1 & 1 & 1 \\ 1 & 1 & 1 & 0 & 1 & 0 & 0 & 0 & 0 & 1 & 0 & 0 & 1 & 1 & 0 & 1 \\ 1 & 1 & 0 & 1 & 0 & 1 & 0 & 0 & 0 & 0 & 1 & 1 & 1 & 1 & 0 & 0 \end{array}\right). $$

(13)

This OTR code can secure j = k − s = 6 bits of information simultaneously against FRA(3) and PA(3) attacks.