On the Use of Masking to Defeat Power-Analysis Attacks
|
|
- Kristian Bruce
- 5 years ago
- Views:
Transcription
1 1/32 On the Use of Masking to Defeat Power-Analysis Attacks ENS Paris Crypto Day February 16, 2016 Presented by Sonia Belaïd
2 Outline Power-Analysis Attacks Masking Countermeasure Leakage Models Security in the probing model Construction of Secure Masking Schemes - Composition 2/32
3 Ü Black-box cryptanalysis Ü Side-channel analysis Alice mi Bob k ENC ci ci k DEC mi 3/32
4 Ü Black-box cryptanalysis: A (mi, c i ) Ü Side-Channel Analysis Alice mi Bob k ENC ci ci k DEC mi 3/32
5 Ü Black-box cryptanalysis Ü Side-Channel Analysis: A (mi, c i, L i ) Alice mi Bob k ENC ci ci k DEC mi Li 3/32
6 Ü Black-box cryptanalysis Ü Side-Channel Analysis: A (mi, c i, L i ) Alice mi Bob k ENC ci ci k DEC mi Li 3/32
7 Ü Black-box cryptanalysis Ü Side-Channel Analysis: A (mi, c i, L i ) Alice mi Bob k ENC ci ci k DEC mi Li 3/32
8 Ü Black-box cryptanalysis Ü Side-Channel Analysis: A (mi, c i, L i ) Alice mi Bob k ENC ci ci k DEC mi Li 3/32
9 Ü Black-box cryptanalysis Ü Side-Channel Analysis: A (mi, c i, L i ) Alice mi Bob k ENC ci ci k DEC mi Li 3/32
10 A Power-Analysis Attack against AES-128 Figure : Consumption trace of a full AES-128 from the DPA Contest v2 4/32
11 A Power-Analysis Attack against AES-128 Figure : Consumption trace of a full AES-128 from the DPA Contest v2 4/32
12 A Power-Analysis Attack against AES bit input m k 0 8 bits S-box 8-bit v f (v) + ε 5/32
13 A Power-Analysis Attack against AES bit input m k 0 8 bits S-box 8-bit v f (v) + ε 5/32
14 A Power-Analysis Attack against AES bit input m k 0 8 bits S-box 8-bit v f (v) + ε Attack on 8 bits prediction of the outputs for the 256 possible 8-bit secret correlation between predictions and leakage selection of the best correlation to find the correct 8-bit secret Attack on 128 bits repetition of the attack on 8 bits on each S-box 5/32
15 Algorithmic Countermeasures Problem: leakage L is key-dependent k m c L Two main algorithmic solutions: Fresh Re-keying: regularly change k Masking: make leakage L random 6/32
16 Fresh Re-keying Idea: regularly change k master key k r R session key k m c 7/32
17 Masking Idea: make leakage L random sensitive value: v = f (m,k) ( ) v 0 v v i 1 i t v 1 $... v t $ each t-uple of (v i ) i is independent from v 8/32
18 Outline Power-Analysis Attacks Masking Countermeasure Leakage Models Security in the probing model Construction of Secure Masking Schemes - Composition 9/32
19 Current Research on Masking Masking 10/32
20 Current Research on Masking Masking Security Efficiency 10/32
21 Current Research on Masking Masking Security Efficiency Realism leakage models Proofs formal proofs of security 10/32
22 Current Research on Masking Masking Security Efficiency Realism leakage models Proofs formal proofs of security [EC:PR13] Masking against Side-Channel Attacks: A Formal Security Proof [EC:DDF14] Unifying Leakage Models: From Probing Attacks to Noisy Leakage [EC:DFS15] Making Masking Security Proofs Concrete - Or How to Evaluate the Security of Any Leaking Device... 10/32
23 Current Research on Masking Masking Security Efficiency Realism leakage models Proofs formal proofs of security [EC:PR13] Masking against Side-Channel [C:ISW03] Private Circuits: Securing Attacks: A Formal Security Proof Hardware against Probing Attacks [EC:DDF14] Unifying Leakage Models: From Probing Attacks to Noisy Leakage [EC:DFS15] Making Masking Security Proofs Concrete - Or How to Evaluate [CHES:RP10] Provably Secure Higher- Order Masking of AES [FSE:CPRR13] Higher-Order Side Channel Security and Mask Refreshing the Security of Any Leaking Device... 10/32
24 Current Research on Masking Masking Security Efficiency Realism leakage models Proofs formal proofs of security [EC:PR13] Masking against Side-Channel [C:ISW03] Private Circuits: Securing Attacks: A Formal Security Proof Hardware against Probing Attacks [EC:DDF14] Unifying Leakage Models: From Probing Attacks to Noisy Leakage [EC:DFS15] Making Masking Security Proofs Concrete - Or How to Evaluate the Security of Any Leaking Device... [CHES:RP10] Provably Secure Higher- Order Masking of AES [FSE:CPRR13] Higher-Order Side Channel Security and Mask Refreshing [EC:BBDFGS15] formal proofs of masking schemes 10/32
25 Current Research on Masking Masking Security Efficiency Realism leakage models Proofs formal proofs of security [EC:PR13] Masking against Side-Channel [C:ISW03] Private Circuits: Securing Attacks: A Formal Security Proof Hardware against Probing Attacks [EC:DDF14] Unifying Leakage Models: From Probing Attacks to Noisy Leakage [EC:DFS15] Making Masking Security Proofs Concrete - Or How to Evaluate the Security of Any Leaking Device... [CHES:RP10] Provably Secure Higher- Order Masking of AES [FSE:CPRR13] Higher-Order Side Channel Security and Mask Refreshing [EC:BBDFGS15] formal proofs of masking schemes [eprint:bbdfg15] generation of formally proven masking schemes at any order 10/32
26 Current Research on Masking Masking Security Efficiency Realism leakage models [EC:PR13] Masking against Side-Channel Attacks: A Formal Security Proof [EC:DDF14] Unifying Leakage Models: From Probing Attacks to Noisy Leakage [EC:DFS15] Making Masking Security Proofs Concrete - Or How to Evaluate the Security of Any Leaking Device... Proofs formal proofs of security [C:ISW03] Private Circuits: Securing Hardware against Probing Attacks [CHES:RP10] Provably Secure Higher- Order Masking of AES [FSE:CPRR13] Higher-Order Side Channel Security and Mask Refreshing [EC:BBDFGS15] formal proofs of masking schemes [eprint:bbdfg15] generation of formally proven masking schemes at any order [FSE:CPRR13] Higher-Order Side Channel Security and Mask Refreshing [EC:BBPPTV16] improvement of the randomness complexity for some multiplications 10/32
27 Outline Power-Analysis Attacks Masking Countermeasure Leakage Models Security in the probing model Construction of Secure Masking Schemes - Composition 11/32
28 Power-Analysis Attacks on Masking Schemes First-order masking compare C (L (v +m),l (m)) to the predictions on v 12/32
29 Power-Analysis Attacks on Masking Schemes 3 rd -order masking compare C (L (v +m 1 ),L (m 2 ),L (m 3 ),L (m 1 +m 2 +m 3 )) to the predictions on v 12/32
30 Security of Masked Programs: Leakage Model convenience for security proofs t-probing model Ishai, Sahai, Wagner Crypto 03 no leak-free gates leak-free gates noisy leakage model Prouff, Rivain Eurocrypt 13 realism 13/32
31 Security of Masked Programs: Leakage Model convenience for security proofs t-probing model Ishai, Sahai, Wagner Crypto 03 reduction Duc, Dziembowski, Faust Eurocrypt 14 no leak-free gates leak-free gates noisy leakage model Prouff, Rivain Eurocrypt 13 realism 13/32
32 Outline Power-Analysis Attacks Masking Countermeasure Leakage Models Security in the probing model Construction of Secure Masking Schemes - Composition 14/32
33 Security in the t-probing model t-probing model assumptions: only one variable is leaking at a time the attacker can get the exact value of at most t variables show that all the t-uples are independent from the secret 15/32
34 Security in the t-probing model v: randomly generated variable c: known constant x: secret variable function Ex-t3(x 1,x 2,x 3,x 4,c): (* x 1,x 2,x 3 = $ *) (* x 4 = x +x 1 +x 2 +x 3 *) r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 16/32
35 Security in the t-probing model v: randomly generated variable c: known constant x: secret variable 1. independent from the secret? function Ex-t3(x 1,x 2,x 3,x 4,c): (* x 1,x 2,x 3 = $ *) (* x 4 = x +x 1 +x 2 +x 3 *) r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 16/32
36 Security in the t-probing model v: randomly generated variable c: known constant x: secret variable 1. independent from the secret? function Ex-t3(x 1,x 2,x 3,x 4,c): (* x 1,x 2,x 3 = $ *) (* x 4 = x +x 1 +x 2 +x 3 *) r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 16/32
37 Security in the t-probing model v: randomly generated variable c: known constant x: secret variable 1. independent from the secret?? function Ex-t3(x 1,x 2,x 3,x 4,c): (* x 1,x 2,x 3 = $ *) (* x 4 = x +x 1 +x 2 +x 3 *) r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 16/32
38 Security in the t-probing model v: randomly generated variable c: known constant x: secret variable 1. independent from the secret? many mistakes function Ex-t3(x 1,x 2,x 3,x 4,c): (* x 1,x 2,x 3 = $ *) (* x 4 = x +x 1 +x 2 +x 3 *) r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 16/32
39 Security in the t-probing model v: randomly generated variable c: known constant x: secret variable function Ex-t3(x 1,x 2,x 3,x 4,c): (* x 1,x 2,x 3 = $ *) (* x 4 = x +x 1 +x 2 +x 3 *) 1. independent from the secret? many mistakes r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 2. test uples missing cases inefficient 16/32
40 Security in the t-probing model Contributions: 1. new algorithm to decide whether a t-uple is independent from the secret no false positive more efficient than existing works 2. new algorithm to enumerate all the t-uples more efficient than existing works Gilles Barthe, Sonia Belaïd, François Dupressoir, Pierre-Alain Fouque, Benjamin Grégoire, and Pierre-Yves Strub. Verified proofs of higher-order masking. EUROCRYPT /32
41 1. Show that a t-uple is independent from the secret Inputs: t intermediate variables, b true (Rule 1) secret variables? yes (Rule 2) no (Rule 2) an expression v is invertible in the only occurrence of a random r? yes v r; (Rule 1) no (Rule 3) (Rule 3) is flag b = true? yes simplify; b false; (Rule 1) no function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) distribution independent from the secret might be used for an attack 18/32
42 1. Show that a t-uple is independent from the secret Inputs: t intermediate variables, b true (Rule 1) secret variables? yes (Rule 2) no (Rule 2) an expression v is invertible in the only occurrence of a random r? yes v r; (Rule 1) no (Rule 3) (Rule 3) is flag b = true? yes simplify; b false; (Rule 1) no function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) distribution independent from the secret might be used for an attack 18/32
43 1. Show that a t-uple is independent from the secret Inputs: t intermediate variables, b true (Rule 1) secret variables? yes (Rule 2) no (Rule 2) an expression v is invertible in the only occurrence of a random r? yes v r; (Rule 1) no (Rule 3) (Rule 3) is flag b = true? yes simplify; b false; (Rule 1) no function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) distribution independent from the secret might be used for an attack 18/32
44 1. Show that a t-uple is independent from the secret Inputs: t intermediate variables, b true (Rule 1) secret variables? yes (Rule 2) no (Rule 2) an expression v is invertible in the only occurrence of a random r? yes v r; (Rule 1) no (Rule 3) (Rule 3) is flag b = true? yes simplify; b false; (Rule 1) no function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 x 3 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) distribution independent from the secret might be used for an attack 18/32
45 2. Extension to All Possible Sets Problem: n intermediate variables ( n t ) proofs 19/32
46 2. Extension to All Possible Sets Problem: n intermediate variables ( n t ) proofs New Idea: proofs for sets of more than t variables find larger sets which cover all the intermediate variables is a hard problem two algorithms efficient in practice 19/32
47 2. Extension to All Possible Sets Problem: n intermediate variables ( n t ) proofs New Idea: proofs for sets of more than t variables find larger sets which cover all the intermediate variables is a hard problem two algorithms efficient in practice Algorithm 1: 19/32
48 2. Extension to All Possible Sets Problem: n intermediate variables ( n t ) proofs New Idea: proofs for sets of more than t variables find larger sets which cover all the intermediate variables is a hard problem two algorithms efficient in practice X Algorithm 1: 1. select X = (t variables) and prove its independence 19/32
49 2. Extension to All Possible Sets Problem: n intermediate variables ( n t ) proofs New Idea: proofs for sets of more than t variables find larger sets which cover all the intermediate variables is a hard problem two algorithms efficient in practice X X Algorithm 1: 1. select X = (t variables) and prove its independence 2. extend X to X with more but still independence 19/32
50 2. Extension to All Possible Sets Problem: n intermediate variables ( n t ) proofs New Idea: proofs for sets of more than t variables find larger sets which cover all the intermediate variables is a hard problem two algorithms efficient in practice X X ( ) C X Algorithm 1: 1. select X = (t variables) and prove its independence 2. extend X to X with more but still independence ( ) 3. recursively descend in set C X 19/32
51 2. Extension to All Possible Sets Problem: n intermediate variables ( n t ) proofs New Idea: proofs for sets of more than t variables find larger sets which cover all the intermediate variables is a hard problem two algorithms efficient in practice X X ( ) C X Algorithm 1: 1. select X = (t variables) and prove its independence 2. extend X to X with more but still independence ( ) 3. recursively descend in set C X 4. merge X ( ) and C X once they are processed separately. 19/32
52 2. Extension to All Possible Sets: Example function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 20/32
53 2. Extension to All Possible Sets: Example X: function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 20/32
54 2. Extension to All Possible Sets: Example X: function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 20/32
55 2. Extension to All Possible Sets: Example X: C ( X): function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 20/32
56 2. Extension to All Possible Sets: Example X: function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 C ( X): merge X and C ( X): y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 20/32
57 2. Extension to All Possible Sets: Example X: C ( X): merge X and C ( X): function Ex-t3(x 1,x 2,x 3,x 4,c): r 1 $ r 2 $ y 1 x 1 +r 1 y 2 (x +x 1 +x 2 +x 3 ) +r 2 t 1 x 2 +r 1 t 2 (x 2 +r 1 ) +x 3 y 3 (x 2 +r 1 +x 3 ) +r 2 y 4 c +r 2 return(y 1,y 2,y 3,y 4 ) 207 proofs instead of /32
58 Application to the Sbox [CPRR13, Algorithm 4] Method # tuples Security Complexity # sets time* First-Order Masking naive s Alg s Alg s Second-Order Masking naive 12, s Alg. 1 12, s Alg s Third-Order Masking naive 4,499, s Alg. 1 4,499,950 68, s Alg. 2 33, s Fourth-Order Masking naive - unpractical Alg. 1 2,277,036,685 8,852, s Alg. 2 3,343, s *run on a headless VM with a dual core (only one core is used in the computation) 64-bit processor clocked at 2GHz 21/32
59 Benchmarks Reference Target # tuples Security Complexity # sets time (s) First-Order Masking FSE13 full AES 17,206 3, MAC-SHA3 full Keccak-f 13,466 5, Second-Order Masking RSA06 Sbox 1,188,111 4, CHES10 Sbox 7,140 1 st -order flaws (2) CHES10 AES KS 23,041, , ,745 FSE13 2 rnds AES 25,429, ,865 1,295 FSE13 4 rnds AES 109,571,806 2,317,593 40,169 Third-Order Masking RSA06 Sbox 2,057,067,320 3 rd -order flaws (98,176) 2,013, FSE13 Sbox(4) 4,499,950 33, FSE13 Sbox(5) 4,499,950 39, Fourth-Order Masking FSE13 Sbox (4) 2,277,036,685 3,343, Fifth-Order Masking CHES10 216,071, , /32
60 Outline Power-Analysis Attacks Masking Countermeasure Leakage Models Security in the probing model Construction of Secure Masking Schemes - Composition 23/32
61 Current Issues in Composition 24/32
62 Current Issues in Composition 24/32
63 Current Issues in Composition A refresh algorithm takes as input a sharing (x i ) i 0 of x and returns a new sharing (x i ) i 0 of x such that (x i ) i 1 and (x i ) i 1 are mutually independent. 24/32
64 Current Issues in Composition A refresh algorithm takes as input a sharing (x i ) i 0 of x and returns a new sharing (x i ) i 0 of x such that (x i ) i 1 and (x i ) i 1 are mutually independent. 24/32
65 Current Issues in Composition A refresh algorithm takes as input a sharing (x i ) i 0 of x and returns a new sharing (x i ) i 0 of x such that (x i ) i 1 and (x i ) i 1 are mutually independent. 24/32
66 Composition in the t-probing model Contributions: 1. new algorithm to verify the security of compositions formal security any order 2. compiler to build a higher-order secure scheme from any C implementation efficient any order Gilles Barthe, Sonia Belaïd, François Dupressoir, Pierre-Alain Fouque, and Benjamin Grégoire. Compositional Verification of Higher-Order Masking Application to a Verifying Masking Compiler. eprint /32
67 Security properties in the t-probing model if t is fixed: show that any set of t intermediate variables is independent from the secret 26/32
68 Security properties in the t-probing model if t is fixed: show that any set of t intermediate variables is independent from the secret if t is not fixed: show that any set of t intermediate variables can be simulated with at most t shares of each input a 0 a 1 a 2 a 3 (= a +a 0 +a 1 +a 2 ) c 0 c 1 c 2 c /32
69 Security properties in the t-probing model if t is fixed: show that any set of t intermediate variables is independent from the secret if t is not fixed: show that any set of t intermediate variables can be simulated with at most t shares of each input a 0 a 1 a 2 a 3 (= a +a 0 +a 1 +a 2 ) 3 function Linear-function-t(a 0,...,a i,...a t ): for i = 0 to t c i f (a i ) return (c 0,...,c i,...,c t ) c 0 c 1 c 2 c 3 straightforward for linear functions 26/32
70 Security properties in the t-probing model if t is fixed: show that any set of t intermediate variables is independent from the secret if t is not fixed: show that any set of t intermediate variables can be simulated with at most t shares of each input a 0 a 1 a 2 a 3 (= a +a 0 +a 1 +a 2 ) 3 function Linear-function-t(a 0,...,a i,...a t ): for i = 0 to t c i f (a i ) return (c 0,...,c i,...,c t ) c 0 c 1 c 2 c 3 straightforward for linear functions 26/32
71 Security properties in the t-probing model if t is fixed: show that any set of t intermediate variables is independent from the secret if t is not fixed: show that any set of t intermediate variables can be simulated with at most t shares of each input a 0 a 1 a 2 a 3 (= a +a 0 +a 1 +a 2 ) 3 function Linear-function-t(a 0,...,a i,...a t ): for i = 0 to t c i f (a i ) return (c 0,...,c i,...,c t ) c 0 c 1 c 2 c 3 straightforward for linear functions formal proofs with EasyCrypt and pen-and paper proofs for small non-linear functions 26/32
72 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 t t 2 A 2 A 1 t 1 A 3 t 3 27/32
73 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 t t 2 A 2 A 1 t 1 A 3 t 3 27/32
74 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 t t 2 + t 3 A 2 A 1 t 1 + t 3 A 3 27/32
75 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 t t 2 + t 3 A 2 A 1 t 1 + t 3 A 3 27/32
76 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 t A 2 A 1 t 1 + t 3 + t 2 + t 3 A 3 27/32
77 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 t A 2 A 1 t 1 + t 2 + 2t 3 t? A 3 27/32
78 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 t A 2 A 1 t 1 + t 2 + 2t 3 t? A 3 27/32
79 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t t 2 A 2 A 1 t 1 t r A 3 t 3 27/32
80 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t t 2 A 2 A 1 t 1 t r A 3 t 3 27/32
81 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t t 2 + t 3 A 2 A 1 t 1 t r + t 3 A 3 27/32
82 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t t 2 + t 3 A 2 A 1 t 1 t r + t 3 A 3 27/32
83 Current Issues t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t A 2 A 1 t 1 + t 2 + 2t 3 + t r t? A 3 27/32
84 Stronger security property for Refresh Strong Non-Interference in the t-probing model: if t is not fixed: show that any set of t intermediate variables with - t 1 on internal variables - t 2 = t t 1 on the outputs can be simulated with at most t 1 shares of each input a 0 a 1 a 2 a 3 2 internal c 0 c 1 c 2 c output observation 28/32
85 Secure Composition t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t t 2 A 2 A 1 t 1 t r A 3 t 3 29/32
86 Secure Composition t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t t 2 A 2 A 1 t 1 t r A 3 t 3 29/32
87 Secure Composition t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t t 2 + t 3 A 2 A 1 t 1 t r internal +t 3 output A 3 29/32
88 Secure Composition t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t t 2 + t 3 A 2 A 1 t 1 t r internal +t 3 output A 3 29/32
89 Secure Composition t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t A 2 A 1 t 1 + t 2 + t 3 + t r t 3 output A 3 29/32
90 Secure Composition t 0 A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t A 2 A 1 t 1 + t 2 + t 3 + t r t 3 output A 3 29/32
91 Secure Composition t 0 + t 1 + t 2 + t 3 + t r A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t A 1 A 2 t 3 output A 3 29/32
92 Secure Composition t 0 + t 1 + t 2 + t 3 + t r t A 0 Constraint: t 0 +t 1 +t 2 +t 3 +t r t A 1 A 2 t 3 output A 3 29/32
93 Secure Composition Automatic tool for C-based algorithms unprotected algorithm higher-order masked algorithm example for AES S-box x 2 30/32
94 Secure Composition Automatic tool for C-based algorithms unprotected algorithm higher-order masked algorithm example for AES S-box x x /32
95 Secure Composition Automatic tool for C-based algorithms unprotected algorithm higher-order masked algorithm example for AES S-box x x /32
96 Secure Composition Automatic tool for C-based algorithms unprotected algorithm higher-order masked algorithm example for AES S-box x x x /32
97 Some Results Resource usage statistics for generating masked algorithms (at any order) from some unmasked implementations 1 Scheme # Refresh Time Memory AES ( ) 2/Sbox 0.09s 4Mo AES (x g(x)) s 4Mo Keccak with Refresh Mo Keccak s 22870Mo Simon s 15Mo Speck s 38Mo 1 On a Intel(R) Xeon(R) CPU E GHz with 64Go of memory running Linux (Fedora) 31/32
98 Some Results Resource usage statistics for generating masked algorithms (at any order) from some unmasked implementations 1 Scheme # Refresh Time Memory AES ( ) 2/Sbox 0.09s 4Mo AES (x g(x)) s 4Mo Keccak with Refresh s 456Mo Keccak s 22870Mo Simon s 15Mo Speck s 38Mo 1 On a Intel(R) Xeon(R) CPU E GHz with 64Go of memory running Linux (Fedora) 31/32
99 Conclusion Masking Realism models close enough to the reality Security Proofs formal proofs of security [EC15] formal proofs of masking schemes Efficiency [EC16] improvement of the randomness complexity for some multiplications [eprint15] generation of formally proven masking schemes at any order 32/32
100 Conclusion Masking Realism models close enough to the reality Security Proofs formal proofs of security [EC15] formal proofs of masking schemes Efficiency [EC16] improvement of the randomness complexity for some multiplications [eprint15] generation of formally proven masking schemes at any order extend the verification to higher orders using composition 32/32
101 Conclusion Masking Realism models close enough to the reality Security Proofs formal proofs of security [EC15] formal proofs of masking schemes Efficiency [EC16] improvement of the randomness complexity for some multiplications [eprint15] generation of formally proven masking schemes at any order extend the verification to higher orders using composition integrate transition/glitch-based model 32/32
102 Conclusion Masking Realism models close enough to the reality Security Proofs formal proofs of security [EC15] formal proofs of masking schemes Efficiency [EC16] improvement of the randomness complexity for some multiplications [eprint15] generation of formally proven masking schemes at any order extend the verification to higher orders using composition integrate transition/glitch-based model build practical experiments for both attacks and new countermeasures 32/32
103 Conclusion Masking Security Efficiency Realism models close enough to the reality Proofs formal proofs of security [EC15] formal proofs of masking schemes [EC16] improvement of the randomness complexity for some multiplications still reduce the randomness in multiplications [eprint15] generation of formally proven masking schemes at any order extend the verification to higher orders using composition integrate transition/glitch-based model build practical experiments for both attacks and new countermeasures 32/32
Formal Verification of Side-Channel Countermeasures
Formal Verification of Side-Channel Countermeasures Sonia Belaïd June 5th 2018 1 / 35 1 Side-Channel Attacks 2 Masking 3 Formal Tools Verification of Masked Implementations at Fixed Order Verification
More informationFormal Verification of Masked Implementations
Formal Verification of Masked Implementations Sonia Belaïd Benjamin Grégoire CHES 2018 - Tutorial September 9th 2018 1 / 47 1 Side-Channel Attacks and Masking 2 Formal Tools for Verification at Fixed Order
More informationMasking the GLP Lattice-Based Signature Scheme at Any Order
Masking the GLP Lattice-Based Signature Scheme at Any Order Sonia Belaïd Joint Work with Gilles Barthe, Thomas Espitau, Pierre-Alain Fouque, Benjamin Grégoire, Mélissa Rossi, and Mehdi Tibouchi 1 / 31
More informationFormal Verification of Side-channel Countermeasures via Elementary Circuit Transformations
Formal Verification of Side-channel Countermeasures via Elementary Circuit Transformations Jean-Sébastien Coron University of Luxembourg jean-sebastiencoron@unilu April 9, 2018 Abstract We describe a technique
More informationMASKING is the most widely deployed countermeasure
1 Corrections to Further Improving Efficiency of Higher-Order Masking Schemes by Decreasing Randomness Complexity Shuang Qiu, Rui Zhang, Yongbin Zhou, Wei Cheng Abstract Provably secure masking schemes
More informationMasking the GLP Lattice-Based Signature Scheme at any Order
Masking the GLP Lattice-Based Signature Scheme at any Order Gilles Barthe (IMDEA Software Institute) Sonia Belaïd (CryptoExperts) Thomas Espitau (UPMC) Pierre-Alain Fouque (Univ. Rennes I and IUF) Benjamin
More informationParallel Implementations of Masking Schemes and the Bounded Moment Leakage Model
Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model G. Barthe, F. Dupressoir, S. Faust, B. Grégoire, F.-X. Standaert, P.-Y. Strub IMDEA (Spain), Univ. Surrey (UK), Univ. Bochum
More informationCompositional Verification of Higher-Order Masking
Compositional Verification of Higher-Order Masking Application to a Verifying Masking Compiler Gilles Barthe 2, Sonia Belaïd 1,5, François Dupressoir 2, Pierre-Alain Fouque 4,6, and Benjamin Grégoire 3
More informationProvable Security against Side-Channel Attacks
Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com MCrypt Seminar Aug. 11th 2014 Outline 1 Introduction 2 Modeling side-channel leakage 3 Achieving provable
More informationParallel Implementations of Masking Schemes and the Bounded Moment Leakage Model
Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model Gilles Barthe 1, François Dupressoir 2, Sebastian Faust 3, Benjamin Grégoire 4, François-Xavier Standaert 5, and Pierre-Yves
More informationAmortizing Randomness Complexity in Private Circuits
Amortizing Randomness Complexity in Private Circuits Sebastian Faust 1,2, Clara Paglialonga 1,2, Tobias Schneider 1,3 1 Ruhr-Universität Bochum, Germany 2 Technische Universität Darmstadt, Germany 3 Université
More informationConsolidating Masking Schemes
Consolidating Masking Schemes Oscar Reparaz, Begül Bilgin, Svetla Nikova, Benedikt Gierlichs, and Ingrid Verbauwhede firstname.lastname@esat.kuleuven.be KU Leuven ESAT/COSIC and iminds, Belgium Abstract.
More informationSymbolic Approach for Side-Channel Resistance Analysis of Masked Assembly Codes
Symbolic Approach for Side-Channel Resistance Analysis of Masked Assembly Codes Workshop PROOFS Inès Ben El Ouahma Quentin Meunier Karine Heydemann Emmanuelle Encrenaz Sorbonne Universités, UPMC Univ Paris
More informationMaking Masking Security Proofs Concrete
Making Masking Security Proofs Concrete Or How to Evaluate the Security of any Leaking Device Extended Version Alexandre Duc 1, Sebastian Faust 1,2, François-Xavier Standaert 3 1 HEIG-VD, Lausanne, Switzerland
More informationImproved Parallel Mask Refreshing Algorithms Generic Solutions with Parametrized Non-Interference & Automated Optimizations
Improved Parallel Mask Refreshing Algorithms Generic Solutions with Parametrized Non-Interference & Automated Optimizations Gilles Barthe 1, Sonia Belaïd 2, François Dupressoir 3, Pierre-Alain Fouque 4,
More informationImproved High-Order Conversion From Boolean to Arithmetic Masking
Improved High-Order Conversion From Boolean to Arithmetic Masking Luk Bettale 1, Jean-Sébastien Coron 2, and Rina Zeitoun 1 1 IDEMIA, France luk.bettale@idemia.com, rina.zeitoun@idemia.com 2 University
More informationImproved Parallel Mask Refreshing Algorithms
Noname manuscript No. (will be inserted by the editor) Improved Parallel Mask Refreshing Algorithms Generic Solutions with Parametrized Non-Interference & Automated Optimizations Gilles Barthe 1 Sonia
More informationStrong Non-Interference and Type-Directed Higher-Order Masking
Strong Non-Interference and Type-Directed Higher-Order Masking Gilles Barthe 1, Sonia Belaïd 2, François Dupressoir 3, Pierre-Alain Fouque 4, Benjamin Grégoire 5, Pierre-Yves Strub 6, and Rébecca Zucchini
More informationConsolidating Inner Product Masking
Consolidating Inner Product Masking Josep Balasch 1, Sebastian Faust 2,3, Benedikt Gierlichs 1, Clara Paglialonga 2,3, François-Xavier Standaert 4 1 imec-cosic KU euven, Belgium 2 Ruhr-Universität Bochum,
More informationOn the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking
On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking Dahmun Goudarzi and Matthieu Rivain CHES 2016, Santa-Barbara Higher-Order Masking x = x 1 + x 2 + + x d 2/28 Higher-Order
More informationHorizontal and Vertical Side-Channel Attacks against Secure RSA Implementations
Introduction Clavier et al s Paper This Paper Horizontal and Vertical Side-Channel Attacks against Secure RSA Implementations Aurélie Bauer Éliane Jaulmes Emmanuel Prouff Justine Wild ANSSI Session ID:
More informationHigh-Order Conversion From Boolean to Arithmetic Masking
High-Order Conversion From Boolean to Arithmetic Masking Jean-Sébastien Coron University of Luxembourg jean-sebastien.coron@uni.lu Abstract. Masking with random values is an effective countermeasure against
More informationSharing Independence & Relabeling: Efficient Formal Verification of Higher-Order Masking
Sharing Independence & Relabeling: Efficient Formal Verification of Higher-Order Masking Roderick Bloem, Hannes Gross, Rinat Iusupov, Martin Krenn, and Stefan Mangard Institute for Applied Information
More informationProvably Secure Higher-Order Masking of AES
Provably Secure Higher-Order Masking of AES Matthieu Rivain 1 and Emmanuel Prouff 2 1 CryptoExperts matthieu.rivain@cryptoexperts.com 2 Oberthur Technologies e.prouff@oberthur.com Abstract. Implementations
More informationFast Evaluation of Polynomials over Binary Finite Fields. and Application to Side-channel Countermeasures
Fast Evaluation of Polynomials over Binary Finite Fields and Application to Side-channel Countermeasures Jean-Sébastien Coron 1, Arnab Roy 1,2, Srinivas Vivek 1 1 University of Luxembourg 2 DTU, Denmark
More informationCircuit Compilers with O(1/ log(n)) Leakage Rate
Circuit Compilers with O(1/ log(n)) Leakage Rate Marcin Andrychowicz 1, Stefan Dziembowski 1, and Sebastian Faust 2 1 University of Warsaw 2 Ruhr University Bochum Abstract. The goal of leakage-resilient
More informationComparison of some mask protections of DES against power analysis Kai Cao1,a, Dawu Gu1,b, Zheng Guo1,2,c and Junrong Liu1,2,d
International Conference on Manufacturing Science and Engineering (ICMSE 2015) Comparison of some mask protections of DES against power analysis Kai Cao1,a, Dawu Gu1,b, Zheng Guo1,2,c and Junrong Liu1,2,d
More informationLeakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi
Leakage Assessment Methodology - a clear roadmap for side-channel evaluations - Tobias Schneider and Amir Moradi Wednesday, September 16 th, 015 Motivation Security Evaluation Motivation Security Evaluation
More informationConstant-Time Higher-Order Boolean-to-Arithmetic Masking
Constant-Time Higher-Order Boolean-to-Arithmetic Masking Michael Hutter and Michael Tunstall Cryptography Research, 425 Market Street, 11th Floor, San Francisco, CA 94105, United States {michael.hutter,michael.tunstall}@cryptography.com
More informationSeveral Masked Implementations of the Boyar-Peralta AES S-Box
Several Masked Implementations of the Boyar-Peralta AES S-Box Ashrujit Ghoshal 1[0000 0003 2436 0230] and Thomas De Cnudde 2[0000 0002 2711 8645] 1 Indian Institute of Technology Kharagpur, India ashrujitg@iitkgp.ac.in
More informationHorizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme
Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme Alberto Battistello 1, Jean-Sébastien Coron 2, Emmanuel Prouff 3, and Rina Zeitoun 1 1 Oberthur Technologies, France {a.battistello,r.zeitoun}@oberthur.com
More informationInner Product Masking for Bitslice Ciphers and Security Order Amplification for Linear Leakages
Inner Product Masking for Bitslice Ciphers and Security Order Amplification for Linear Leakages Weijia Wang 1, François-Xavier Standaert 2, Yu Yu 1,3, Sihang Pu 1, Junrong Liu 1, Zheng Guo 1, and Dawu
More informationIntroduction to Side Channel Analysis. Elisabeth Oswald University of Bristol
Introduction to Side Channel Analysis Elisabeth Oswald University of Bristol Outline Part 1: SCA overview & leakage Part 2: SCA attacks & exploiting leakage and very briefly Part 3: Countermeasures Part
More informationHow to Evaluate Side-Channel Leakages
How to Evaluate Side-Channel Leakages 7. June 2017 Ruhr-Universität Bochum Acknowledgment Tobias Schneider 2 Motivation Security Evaluation Attack based Testing Information theoretic Testing Testing based
More informationEfficient Masked S-Boxes Processing A Step Forward
Efficient Masked S-Boxes Processing A Step Forward Vincent Grosso 1, Emmanuel Prouff 2, François-Xavier Standaert 1 1 ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Belgium. 2 ANSSI, 51 Bd
More informationFormal Verification of Masked Hardware Implementations in the Presence of Glitches
Formal Verification of Masked Hardware Implementations in the Presence of Glitches Roderick Bloem, Hannes Gross, Rinat Iusupov, Bettina Könighofer, Stefan Mangard, and Johannes Winter Institute for Applied
More informationSIDE Channel Analysis (SCA in short) exploits information. Statistical Analysis of Second Order Differential Power Analysis
1 Statistical Analysis of Second Order Differential Power Analysis Emmanuel Prouff 1, Matthieu Rivain and Régis Bévan 3 Abstract Second Order Differential Power Analysis O- DPA is a powerful side channel
More informationOn the Practical Security of a Leakage Resilient Masking Scheme
On the Practical Security of a Leakage Resilient Masking Scheme T. Roche thomas.roche@ssi.gouv.fr Joint work with E. Prouff and M. Rivain French Network and Information Security Agency (ANSSI) CryptoExperts
More informationTHRESHOLD IMPLEMENTATIONS OF ALL 3x3 AND 4x4 S-BOXES
THRESHOLD IMPLEMENTATIONS OF ALL 3x3 AND 4x4 S-BOXES B.Bilgin, S.Nikova, V.Nikov, V.Rijmen, G.Stütz KU Leuven, UTwente, NXP, TU Graz CHES 2012 - Leuven, Belgium 2012-09-10 Countermeasures Search for a
More informationOn the Masking Countermeasure and Higher-Order Power Analysis Attacks
1 On the Masking Countermeasure and Higher-Order Power Analysis Attacks François-Xavier Standaert, Eric Peeters, Jean-Jacques Quisquater UCL Crypto Group, Place du Levant, 3, B-1348 Louvain-La-Neuve, Belgium.
More informationRevisiting a Masked Lookup-Table Compression Scheme
Revisiting a Masked Lookup-Table Compression Scheme Srinivas Vivek University of Bristol, UK sv.venkatesh@bristol.ac.uk Abstract. Lookup-table based side-channel countermeasure is the prime choice for
More informationConversion from Arithmetic to Boolean Masking with Logarithmic Complexity
Conversion from Arithmetic to Boolean Masking with Logarithmic Complexity Jean-Sébastien Coron 1, Johann Großschädl 1, Mehdi Tibouchi 2, and Praveen Kumar Vadnala 1 1 University of Luxembourg, jean-sebastien.coron,johann.groszschaedl,praveen.vadnala}@uni.lu
More informationMasking the GLP Lattice-Based Signature Scheme at Any Order
Masking the GLP Lattice-Based Signature Scheme at Any Order Gilles Barthe 1, Sonia Belaïd 2, Thomas Espitau 3, Pierre-Alain Fouque 4, Benjamin Grégoire 5, Mélissa Rossi 6,7, and Mehdi Tibouchi 8 1 IMDEA
More informationYet another side-channel attack: Multi-linear Power Analysis attack (MLPA)
Yet another side-channel attack: Multi-linear Power Analysis attack (MLPA) Thomas Roche, Cédric Tavernier Laboratoire LIG, Grenoble, France. Communications and Systems, Le Plessis Robinson, France. Cryptopuces
More informationMasking the GLP Lattice-Based Signature Scheme at Any Order
Masking the GLP Lattice-Based Signature Scheme at Any Order Gilles Barthe 1, Sonia Belaïd 2, Thomas Espitau 3, Pierre-Alain Fouque 4, Benjamin Grégoire 5, Mélissa Rossi 6,7, and Mehdi Tibouchi 8 1 IMDEA
More informationMasking and Dual-rail Logic Don't Add Up
Masking and Dual-rail Logic Don't Add Up Patrick Schaumont schaum@vt.edu Secure Embedded Systems Group ECE Department Kris Tiri kris.tiri@intel.com Digital Enterprise Group Intel Corporation Our Contributions
More informationAffine Masking against Higher-Order Side Channel Analysis
Affine Masking against Higher-Order Side Channel Analysis Guillaume Fumaroli 1, Ange Martinelli 1, Emmanuel Prouff 2, and Matthieu Rivain 3 1 Thales Communications {guillaume.fumaroli, jean.martinelli}@fr.thalesgroup.com
More informationStart Simple and then Refine: Bias-Variance Decomposition as a Diagnosis Tool for Leakage Profiling
IEEE TRANSACTIONS ON COMPUTERS, VOL.?, NO.?,?? 1 Start Simple and then Refine: Bias-Variance Decomposition as a Diagnosis Tool for Leakage Profiling Liran Lerman, Nikita Veshchikov, Olivier Markowitch,
More informationConversion from Arithmetic to Boolean Masking with Logarithmic Complexity
Conversion from Arithmetic to Boolean Masking with Logarithmic Complexity Jean-Sébastien Coron 1, Johann Großschädl 1, Mehdi Tibouchi 2, and Praveen Kumar Vadnala 1 1 University of Luxembourg, jean-sebastien.coron,johann.groszschaedl,praveen.vadnala}@uni.lu
More informationComprehensive Evaluation of AES Dual Ciphers as a Side-Channel Countermeasure
Comprehensive Evaluation of AES Dual Ciphers as a Side-Channel Countermeasure Amir Moradi and Oliver Mischke Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany {moradi,mischke}@crypto.rub.de
More informationDPA-Resistance without routing constraints?
Introduction Attack strategy Experimental results Conclusion Introduction Attack strategy Experimental results Conclusion Outline DPA-Resistance without routing constraints? A cautionary note about MDPL
More informationFaster Evaluation of S-Boxes via Common Shares
Faster Evaluation of S-Boxes via Common Shares J-S. Coron, A. Greuet, E. Prouff, R. Zeitoun F.Rondepierre CHES 2016 CHES 2016 1 S-Box Evaluation AES By definition: S AES (x) = A x 254 + b F 2 8[x] CHES
More informationMasking against Side-Channel Attacks: a Formal Security Proof
Masking against Side-Channel Attacks: a Formal Security Proof Emmanuel Prouff 1 and Matthieu Rivain 2 1 ANSSI emmanuel.prouff@ssi.gouv.fr 2 CryptoExperts matthieu.rivain@cryptoexperts.com Abstract. Masking
More informationLeakage-Resilient Symmetric Encryption via Re-keying
Leakage-Resilient Symmetric Encryption via Re-keying Michel Abdalla 1, Sonia Belaïd 1,2, and Pierre-Alain Fouque 1 1 École Normale Supérieure, 45 rue d Ulm 75005 Paris 2 Thales Communications & Security,
More informationQuantum Differential and Linear Cryptanalysis
Quantum Differential and Linear Cryptanalysis Marc Kaplan 1,2 Gaëtan Leurent 3 Anthony Leverrier 3 María Naya-Plasencia 3 1 LTCI, Télécom ParisTech 2 School of Informatics, University of Edinburgh 3 Inria
More informationConsolidating Security Notions in Hardware Masking
Consolidating Security Notions in Hardware Masking Lauren De Meyer 1, Begül Bilgin 1,2 and Oscar Reparaz 1,3 1 KU Leuven, imec - COSIC, Leuven, Belgium firstname.lastname@esat.kuleuven.be 2 Rambus, Cryptography
More informationConversion from Arithmetic to Boolean Masking with Logarithmic Complexity
Conversion from Arithmetic to Boolean Masking with Logarithmic Complexity Jean-Sébastien Coron 1(B), Johann Großschädl 1, Mehdi Tibouchi 2, and Praveen Kumar Vadnala 1 1 University of Luxembourg, Luxembourg,
More informationSide-Channel Leakage in Masked Circuits Caused by Higher-Order Circuit Effects
Side-Channel Leakage in Masked Circuits Caused by Higher-Order Circuit Effects Zhimin Chen, Syed Haider, and Patrick Schaumont Virginia Tech, Blacksburg, VA 24061, USA {chenzm,syedh,schaum}@vt.edu Abstract.
More informationSide-channel analysis in code-based cryptography
1 Side-channel analysis in code-based cryptography Tania RICHMOND IMATH Laboratory University of Toulon SoSySec Seminar Rennes, April 5, 2017 Outline McEliece cryptosystem Timing Attack Power consumption
More informationLeakage Resilient ElGamal Encryption
Asiacrypt 2010, December 9th, Singapore Outline 1 Hybrid Encryption, the KEM/DEM framework 2 ElGamal KEM 3 Leakage Resilient Crypto Why? How? Other models? 4 Leakage Resilient ElGamal CCA1 secure KEM (Key
More informationHigh (Physical) Security & Lightweight (Symmetric) Cryptography
High (Physical) Security & Lightweight (Symmetric) Cryptography François-Xavier Standaert UCL Crypto Group, Belgium HIGHLIGHT LIGHTCRYPTO, November 2016 Outline Preliminary questions / definitions Side-channel
More informationSide-channel attacks on PKC and countermeasures with contributions from PhD students
basics Online Side-channel attacks on PKC and countermeasures (Tutorial @SPACE2016) with contributions from PhD students Lejla Batina Institute for Computing and Information Sciences Digital Security Radboud
More informationHardware Security Side channel attacks
Hardware Security Side channel attacks R. Pacalet renaud.pacalet@telecom-paristech.fr May 24, 2018 Introduction Outline Timing attacks P. Kocher Optimizations Conclusion Power attacks Introduction Simple
More informationInvestigations of Power Analysis Attacks on Smartcards *
Investigations of Power Analysis Attacks on Smartcards * Thomas S. Messerges Ezzy A. Dabbish Robert H. Sloan 1 Dept. of EE and Computer Science Motorola Motorola University of Illinois at Chicago tomas@ccrl.mot.com
More informationSiwei Sun, Lei Hu, Peng Wang, Kexin Qiao, Xiaoshuang Ma, Ling Song
Automatic Security Evaluation and (Related-key) Differential Characteristic Search: Application to SIMON, PRESENT, LBlock, DES(L) and Other Bit-oriented Block Ciphers Siwei Sun, Lei Hu, Peng Wang, Kexin
More informationAlgorithmic Number Theory and Public-key Cryptography
Algorithmic Number Theory and Public-key Cryptography Course 3 University of Luxembourg March 22, 2018 The RSA algorithm The RSA algorithm is the most widely-used public-key encryption algorithm Invented
More informationSide-Channel Attacks on Threshold Implementations using a Glitch Algebra
Side-Channel Attacks on Threshold Implementations using a Glitch Algebra Serge Vaudenay EPFL CH-1015 Lausanne, Switzerland http://lasec.epfl.ch Abstract. Threshold implementations allow to implement circuits
More informationRSA Key Extraction via Low- Bandwidth Acoustic Cryptanalysis. Daniel Genkin, Adi Shamir, Eran Tromer
RSA Key Extraction via Low- Bandwidth Acoustic Cryptanalysis Daniel Genkin, Adi Shamir, Eran Tromer Mathematical Attacks Input Crypto Algorithm Key Output Goal: recover the key given access to the inputs
More informationHow to Use Short Basis : Trapdoors for Hard Lattices and new Cryptographic Constructions
Presentation Article presentation, for the ENS Lattice Based Crypto Workgroup http://www.di.ens.fr/~pnguyen/lbc.html, 30 September 2009 How to Use Short Basis : Trapdoors for http://www.cc.gatech.edu/~cpeikert/pubs/trap_lattice.pdf
More informationDifferential Cache Trace Attack Against CLEFIA
Differential Cache Trace Attack Against CLEFIA Chester Rebeiro and Debdeep Mukhopadhyay Dept. of Computer Science and Engineering Indian Institute of Technology Kharagpur, India {chester,debdeep}@cse.iitkgp.ernet.in
More informationHow Fast Can Higher-Order Masking Be in Software?
How Fast Can Higher-Order Masking Be in Software? Dahmun Goudarzi 1,2 and Matthieu Rivain 1 1 CryptoExperts, Paris, France 2 ENS, CNRS, INRIA and PSL Research University, Paris, France dahmun.goudarzi@cryptoexperts.com
More informationOn the Use of Shamir s Secret Sharing Against Side-Channel Analysis
On the Use of Shamir s Secret Sharing Against Side-Channel Analysis Jean-Sébastien Coron 1, Emmanuel Prouff 2, and Thomas Roche 2 1 Tranef jscoron@tranef.com 2 ANSSI, 51, Bd de la Tour-Maubourg, 75700
More informationMasking against Side-Channel Attacks: AFormalSecurityProof
Masking against Side-Channel Attacks: AFormalSecurityProof Emmanuel Prouff 1 and Matthieu Rivain 2 1 ANSSI emmanuel.prouff@ssi.gouv.fr 2 CryptoExperts matthieu.rivain@cryptoexperts.com Abstract. Masking
More informationUsing Second-Order Power Analysis to Attack DPA Resistant Software
Using Second-Order Power Analysis to Attack DPA Resistant Software Thomas S. Messerges Motorola Labs, Motorola 3 E. Algonquin Road, Room 7, Schaumburg, IL 696 Tom.Messerges@motorola.com Abstract. Under
More informationFault Attacks Against Lattice-Based Signatures
Fault Attacks Against Lattice-Based Signatures T. Espitau P-A. Fouque B. Gérard M. Tibouchi Lip6, Sorbonne Universités, Paris August 12, 2016 SAC 16 1 Towards postquantum cryptography Quantum computers
More informationKey Recovery on Hidden Monomial Multivariate Schemes
Key Recovery on Hidden Monomial Multivariate Schemes Pierre-Alain Fouque 1, Gilles Macario-Rat 2, and Jacques Stern 1 1 École normale supérieure, 45 rue d Ulm, 75005 Paris, France {Pierre-Alain.Fouque,
More informationInner Product Masking Revisited
Inner Product Masking Revisited Josep Balasch 1, Sebastian Faust 2, and Benedikt Gierlichs 1 1 KU Leuven Dept. Electrical Engineering-ESAT/COSIC and iminds Kasteelpark Arenberg 10, B-3001 Leuven-Heverlee,
More informationDIFFERENTIAL FAULT ANALYSIS ATTACK RESISTANT ARCHITECTURES FOR THE ADVANCED ENCRYPTION STANDARD *
DIFFERENTIAL FAULT ANALYSIS ATTACK RESISTANT ARCHITECTURES FOR THE ADVANCED ENCRYPTION STANDARD * Mark Karpovsky, Konrad J. Kulikowski, Alexander Taubin Reliable Computing Laboratory,Department of Electrical
More informationUniform First-Order Threshold Implementations
Uniform First-Order Threshold Implementations Tim Beyne and Begül Bilgin ESAT/COSIC, KU Leuven and iminds, Belgium name.lastname@student.kuleuven.be, name.lastname@esat.kuleuven.be Abstract. Most masking
More informationSCInfer: Refinement-based Verification of Software Countermeasures against Side-Channel Attacks
SCInfer: Refinement-based Verification of Software Countermeasures against Side-Channel Attacks Jun Zhang 1, Pengfei Gao 1, Fu Song 1, and Chao Wang 2 1 ShanghaiTech University, Shanghai, China 2 University
More informationOn the Security of NOEKEON against Side Channel Cube Attacks
On the Security of NOEKEON against Side Channel Cube Attacks Shekh Faisal Abdul-Latip 1,2, Mohammad Reza Reyhanitabar 1, Willy Susilo 1, and Jennifer Seberry 1 1 Center for Computer and Information Security
More informationMasking AES with d + 1 Shares in Hardware
Masking AES with d + 1 Shares in Hardware Thomas De Cnudde 1, Oscar Reparaz 1, Begül Bilgin 1, Svetla Nikova 1, Ventzislav Nikov 2 and Vincent Rijmen 1 1 KU Leuven, ESAT-COSIC and iminds, Belgium {name.surname}@esat.kuleuven.be
More informationStructural Evaluation of AES and Chosen-Key Distinguisher of 9-round AES-128
Structural Evaluation of AES and Chosen-Key Distinguisher of 9-round AES-128 Pierre-Alain Fouque 1 Jérémy Jean 2 Thomas Peyrin 3 1 Université de Rennes 1, France 2 École Normale Supérieure, France 3 Nanyang
More informationLeakage-Resilient Symmetric Cryptography Under Empirically Verifiable Assumptions
Leakage-Resilient Symmetric Cryptography Under Empirically Verifiable Assumptions François-Xavier Standaert 1, Olivier Pereira 1, Yu Yu 2 1 ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Belgium.
More information1 Indistinguishability for multiple encryptions
CSCI 5440: Cryptography Lecture 3 The Chinese University of Hong Kong 26 September 2012 1 Indistinguishability for multiple encryptions We now have a reasonable encryption scheme, which we proved is message
More informationECS 189A Final Cryptography Spring 2011
ECS 127: Cryptography Handout F UC Davis Phillip Rogaway June 9, 2011 ECS 189A Final Cryptography Spring 2011 Hints for success: Good luck on the exam. I don t think it s all that hard (I do believe I
More informationComputing Generator in Cyclotomic Integer Rings
A subfield algorithm for the Principal Ideal Problem in L 1 K 2 and application to the cryptanalysis of a FHE scheme Jean-François Biasse 1 Thomas Espitau 2 Pierre-Alain Fouque 3 Alexandre Gélin 2 Paul
More informationHigher-Order Glitches Free Implementation of the AES using Secure Multi-Party Computation Protocols
Higher-Order Glitches Free Implementation of the AES using Secure Multi-Party Computation Protocols Emmanuel Prouff 1 and Thomas Roche 2 1 Oberthur Technologies, 71-73, rue des Hautes Pâtures 92726 Nanterre,
More informationHow to Construct a Leakage-Resilient (Stateless) Trusted Party
How to Construct a Leakage-Resilient Stateless Trusted Party Daniel Genkin UPenn and UMD danielg3@seas.upenn.edu Yuval Ishai Technion and UCLA yuvali@cs.technion.ac.il Mor Weiss Northeastern m.weiss@northeastern.onmicrosoft.com
More informationElliptic Curve Cryptography and Security of Embedded Devices
Elliptic Curve Cryptography and Security of Embedded Devices Ph.D. Defense Vincent Verneuil Institut de Mathématiques de Bordeaux Inside Secure June 13th, 2012 V. Verneuil - Elliptic Curve Cryptography
More informationStatistical Analysis for Access-Driven Cache Attacks Against AES
Statistical Analysis for Access-Driven Cache Attacks Against AES Liwei Zhang, A. Adam Ding, Yunsi Fei, and Zhen Hang Jiang 1 Department of Mathematics, Northeastern University, Boston, MA 02115 2 Department
More informationSuccess through confidence: Evaluating the effectiveness of a side-channel attack.
Success through confidence: Evaluating the effectiveness of a side-channel attack. Adrian Thillard, Emmanuel Prouff, and Thomas Roche ANSSI, 51, Bd de la Tour-Maubourg, 757 Paris 7 SP, France firstname.name@ssi.gouv.fr
More informationGarbled Circuits for Leakage-Resilience: Hardware Implementation and Evaluation of One-Time Programs
Ruhr-University Bochum Bochum Chair for System Security Garbled Circuits for Leakage-Resilience: Hardware Implementation and Evaluation of One-Time Programs Kimmo Järvinen Aalto University, Finland Vladimir
More informationLS-Designs. Bitslice Encryption for Efficient Masked Software Implementations
Bitslice Encryption for Efficient Masked Software Implementations Vincent Grosso 1 Gaëtan Leurent 1,2 François Xavier Standert 1 Kerem Varici 1 1 UCL, Belgium 2 Inria, France FSE 2014 G Leurent (UCL,Inria)
More informationOn the Complexity of the Hybrid Approach on HFEv-
On the Complexity of the Hybrid Approach on HFEv- Albrecht Petzoldt National Institute of Standards and Technology, Gaithersburg, Maryland, USA albrecht.petzoldt@gmail.com Abstract. The HFEv- signature
More informationWhite-Box Cryptography
White-Box Cryptography Matthieu Rivain CARDIS 2017 How to protect a cryptographic key? How to protect a cryptographic key? Well, put it in a smartcard of course!... or any piece of secure hardware But...
More informationTheory and Practice of a Leakage Resilient Masking Scheme
Theory and Practice of a Leakage Resilient Masking Scheme Josep Balasch 1, Sebastian Faust 2, Benedikt Gierlichs 1, and Ingrid Verbauwhede 1 1 KU Leuven Dept. Electrical Engineering-ESAT/SCD-COSIC and
More informationSubspace Trail Cryptanalysis and its Applications to AES
Subspace Trail Cryptanalysis and its Applications to AES Lorenzo Grassi, Christian Rechberger and Sondre Rønjom March, 2017 1 / 28 Introduction In the case of AES, several alternative representations (algebraic
More informationPractical Key Recovery for Discrete-Logarithm Based Authentication Schemes from Random Nonce Bits
Practical Key Recovery for Discrete-Logarithm Based Authentication Schemes from Random Nonce Bits Damien Vergnaud École normale supérieure CHES September, 15th 2015 (with Aurélie Bauer) Damien Vergnaud
More informationConnecting and Improving Direct Sum Masking and Inner Product Masking
Connecting and Improving Direct Sum Masking and Inner Product Masking Romain Poussier 1, Qian Guo 1, François-Xavier Standaert 1, Claude Carlet 2, Sylvain Guilley 3 1 ICTEAM/ELEN/Crypto Group, Université
More information