Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model
|
|
- Logan Carr
- 5 years ago
- Views:
Transcription
1 Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model G. Barthe, F. Dupressoir, S. Faust, B. Grégoire, F.-X. Standaert, P.-Y. Strub IMDEA (Spain), Univ. Surrey (UK), Univ. Bochum (Germany), INRIA Sophia- Antipolis (France), UCL (Belgium), Ecole Polytechnique (France) EUROCRYPT 2017, Paris, France
2 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
3 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
4 Side-channel attacks computation success probability # of measurements 128 physical attacks that decreases security exponentially in the # of measurements 96
5 Noise (hardware countermeasures) 2
6 Noise (hardware countermeasures) 2
7 Noise (hardware countermeasures) 2 Additive noise cost 2 security 2 not a good (crypto) security parameter
8 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
9 Masking ( noise amplification) 3 Example: Boolean encoding y = y 1 y 2 y d 1 y d With y 1, y 2,, y d 2, y d 1 {0,1} n
10 Masking (abstract view) 4 Probing security (Ishai, Sahai, Wagne003) y = y 1 y 2 y d 1 y d?
11 Masking (abstract view) 4 Probing security (Ishai, Sahai, Wagne003) y = y 1 y 2 y d 1 y d? d 1 probes do not reveal anything on y
12 Masking (abstract view) 4 Probing security (Ishai, Sahai, Wagne003) y = y 1 y 2 y d 1 y d y But d probes completely reveal y
13 Masking (concrete view) 5 Probing security (Ishai, Sahai, Wagne003) y = y 1 y 2 y d 1 y d? Bounded information leakage MI(Y i ; L) d
14 Masking (concrete view) 5 Probing security (Ishai, Sahai, Wagne003) y = y 1 y 2 y d 1 y d? Noisy leakage security (Prouff, Rivain 2013)
15 Masking (concrete view) 5 Probing security (Ishai, Sahai, Wagne003) y = y 1 y 2 y d 1 y d Noisy leakage security (Prouff, Rivain 2013) noise and independence (Duc, Dziembwski, Faust 2014)
16 Motivation / open questions 6 1. What happens with parallel implementations? For example: one probe reveals the shares sum
17 Motivation / open questions 6 1. What happens with parallel implementations? For example: one probe reveals the shares sum 2. How to test physical independence? (consolidating)??
18 Motivation / open questions 6 1. What happens with parallel implementations? For example: one probe reveals the shares sum 2. How to test physical independence? (consolidating)?? W/O directly working in the noisy leakage model
19 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
20 Masking statistical intuition 7 2-share / 1-bit example, serial implementation L 1 = y 1 + n 1 L 2 = y 2 + n 2
21 Masking statistical intuition 7 2-share / 1-bit example, parallel implementation L 1 = y 1 + n 1 L 2 = y 2 + n 2 L = y 1 + y 2 + n
22 Masking statistical intuition 7 2-share / 1-bit example, parallel implementation L 1 = y 1 + n 1 Definition (informal). An implementation is secure at order o in the bounded moment model if all mixed statistical moments of order up to o of its leakage vectors are independent of any sensitive variable manipulated L 2 = y 2 + n 2 L = y 1 + y 2 + n
23 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
24 Abstract reduction (answer to Q1) 8 Theorem (informal). A parallel implementation is secure at order o in the BMM if its serialization is secure at order o in the probing model where Adv pr can (typically) probe o = d 1 wires d Adv bm can observe any L = i=1 α i y i
25 Abstract reduction 8 Theorem (informal). A parallel implementation is secure at order o in the BMM if its serialization is secure at order o in the probing model where Adv pr can (typically) probe o = d 1 wires d Adv bm can observe any L = i=1 α i y i Intuition: summing the shares (in R) does not break the independent leakage assumption
26 Abstract reduction 8 Theorem (informal). A parallel implementation is secure at order o in the BMM if its serialization is secure at order o in the probing model where Adv pr can (typically) probe o = d 1 wires d Adv bm can observe any L = i=1 α i y i Intuition: summing the shares (in R) does not break the independent leakage assumption Main between probing and BM security Adv bm can sum over all the shares! BM security is weaker (moments vs. distributions)
27 Concrete consequence 9 If physically independent leakages, BM security extends to actual measurements (e.g., d = 3)
28 Concrete consequence (answer to Q2) 9 If physically independent leakages, BM security extends to actual measurements (e.g., d = 3) If not, leakages are not independent
29 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
30 Serial multiplication 10 ISW 2003: multiplication c = a b b 1 b 2 b 3 a 2 b 1 a 2 b 2 a 2 b 3 a 3 b 1 a 3 b 2 a 3 b 3 partial products refresh c 1 c 2 c 3 compress
31 Serial multiplication 10 ISW 2003: multiplication c = a b b 1 b 2 b 3 a 2 b 1 a 2 b 2 a 2 b 3 a 3 b 1 a 3 b 2 a 3 b 3 partial products refresh c 1 c 2 c 3 compress AES S-box (n = 8) implementation a = a 2 a d (e.g., d = 8) Each register stores an a i (i.e., a GF 2 8 element) Memory n d, Time: d 2 GF 2 8 mult. AES S-box 3 multiplications (& 4 squarings)
32 Parallel multiplication 11 Main tweak: interleave & regularize b 1 a 2 b 2 a 3 b 3 b 3 a 3 b 1 a 2 b 1 b 2 a 3 b 2 a 2 b 3 c 1 c 2 c 3 refresh
33 Parallel multiplication 11 Main tweak: interleave & regularize b 1 a 2 b 2 a 3 b 3 b 3 a 3 b 1 a 2 b 1 b 2 a 3 b 2 a 2 b 3 refresh AES S-box (n = 8) implementation a = a 2 a d (e.g., d = 8) Each register stores n a i s (i.e., GF 2 elements) Memory n d, Time: d GF 2 mult. (i.e., ANDs) AES bitslice S-box 32 AND gates (& 83 XORs) c 1 c 2 c 3
34 Parallel multiplication 11 Main tweak: interleave & regularize b 1 a 2 b 2 a 3 b 3 b 3 a 3 b 1 a 2 b 1 b 2 a 3 b 2 a 2 b 3 refresh AES S-box (n = 8) implementation a = a 2 a d (e.g., d = 8) Each register stores n a i s (i.e., GF 2 elements) Memory n d, Time: d GF 2 mult. (i.e., ANDs) AES bitslice S-box 32 AND gates (& 83 XORs) Performance gains with large d s (8, 16, 32) c 1 c 2 c 3
35 Security analysis 12 We analyzed the SNI security of the gadgets composable probing security (Barthe et al. 2016)
36 Security analysis 12 We analyzed the SNI security of the gadgets composable probing security (Barthe et al. 2016) Iterating (d 1)/3 refresh is SNI for d < 12
37 Security analysis 12 We analyzed the SNI security of the gadgets composable probing security (Barthe et al. 2016) Iterating (d 1)/3 refresh is SNI for d < 12 Multiplication is more tricky
38 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
39 Specialized encodings 13 Probing security is stronger than BM security (And also stronger than noisy leakage security) Is it sometimes too strong? i.e., breaks designs that are secure against DPA
40 Specialized encodings 13 Probing security is stronger than BM security (And also stronger than noisy leakage security) Is it sometimes too strong? i.e., breaks designs that are secure against DPA Example: Boolean encoding (2 shares) y = y 1 y 2
41 Specialized encodings 13 Probing security is stronger than BM security (And also stronger than noisy leakage security) Is it sometimes too strong? i.e., breaks designs that are secure against DPA Example: Boolean encoding (2 shares) IP masking in GF(2 8 ) with non-mixing leakages 2 y = p i s i i=1 y = y 1 y 2 p 2 = 1 p 2 = 5 p 2 = 7
42 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
43 Continuous security 14 So far we discussed one-shot probing attacks
44 Continuous security 14 So far we discussed one-shot probing attacks Yet, side-channel attacks are usually continuous i.e, accumulate information from multiple executions
45 Continuous security 14 So far we discussed one-shot probing attacks Yet, side-channel attacks are usually continuous i.e, accumulate information from multiple executions Typical issue: refreshing by add a share of 0 Frequently used in practice Yet insecure in the continuous probing model What does it mean concretely? i.e., can we (sometimes) use such a refreshing?
46 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 a 2 a 3 a 4 Accumulated knowledge:
47 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 a 2 a 3 a 4 Accumulated knowledge:
48 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 a 2 a 3 a 4 Accumulated knowledge:
49 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 a 2 a 2 a 3 a 3 a 4 a 4 Accumulated knowledge:
50 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 a 2 a 2 a 3 a 3 a 4 a 4 Accumulated knowledge:
51 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 a 2 a 2 a 3 a 3 a 4 a 4 Accumulated knowledge:
52 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 a 2 a 2 a 3 a 3 a 4 a 4 Accumulated knowledge: a2
53 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 step 3 a 2 a 2 a 2 a 3 a 3 a 3 a 4 a 4 a 4 Accumulated knowledge: a2
54 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 step 3 a 2 a 2 a 2 a 3 a 3 a 3 a 4 a 4 a 4 Accumulated knowledge: a2
55 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 step 3 a 2 a 2 a 2 a 3 a 3 a 3 a 4 a 4 a 4 Accumulated knowledge: a2
56 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 step 3 a 2 a 2 a 2 a 3 a 3 a 3 a 4 a 4 a 4 Accumulated knowledge: a2 a3
57 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 step 3 a 2 a 2 a 2 a 3 a 3 a 3 a 4 a 4 a 4 After d iterations, a is learned in full by Adv pr
58 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 step 3 a 2 a 2 a 2 a 3 a 3 a 3 a 4 a 4 a 4 After d iterations, a is learned in full by Adv pr Not possible in the BMM. Intuition: adaptation does not help since Adv bm can anyway sum over all shares!
59 Continuous probing attack 15 Target: refresh(a) = a r rot(r) step 1 step 2 step 3 a 2 a 2 a 2 a 3 a 3 a 3 a 4 a 4 a 4 After d iterations, a is learned in full by Adv pr Impact: refresh(. ) can be used to refresh the key of a key homomorphic primitive ( fully linear overheads)
60 Outline Introduction / motivation Side-channel attacks and noise Masking and leakage models Bounded moment model Masking intuition & BMM definition Probing security BM security Parallel multiplication (& refreshing) BM security probing security Inner product masking (with non-mixing leakages) Continuous security & refreshing gadgets Conclusions
61 Conclusions 16 Probing security is relevant to parallel implem.
62 Conclusions 16 Probing security is relevant to parallel implem. BMM suggests a principled path to security eval. probing security [DDF14] + noise, noisy leakages security bounded moment security
63 Conclusions 16 Probing security is relevant to parallel implem. BMM suggests a principled path to security eval. probing security [DDF14] + noise, noisy leakages security bounded moment security Parallel implem. are appealing for masking Leverage the memory needed to store shares
64 Conclusions 16 Probing security is relevant to parallel implem. BMM suggests a principled path to security eval. probing security [DDF14] + noise, noisy leakages security bounded moment security Parallel implem. are appealing for masking Leverage the memory needed to store shares Cont. probing security sometimes too strong
65 THANKS
Formal Verification of Masked Implementations
Formal Verification of Masked Implementations Sonia Belaïd Benjamin Grégoire CHES 2018 - Tutorial September 9th 2018 1 / 47 1 Side-Channel Attacks and Masking 2 Formal Tools for Verification at Fixed Order
More informationParallel Implementations of Masking Schemes and the Bounded Moment Leakage Model
Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model Gilles Barthe 1, François Dupressoir 2, Sebastian Faust 3, Benjamin Grégoire 4, François-Xavier Standaert 5, and Pierre-Yves
More informationFormal Verification of Side-Channel Countermeasures
Formal Verification of Side-Channel Countermeasures Sonia Belaïd June 5th 2018 1 / 35 1 Side-Channel Attacks 2 Masking 3 Formal Tools Verification of Masked Implementations at Fixed Order Verification
More informationMasking the GLP Lattice-Based Signature Scheme at Any Order
Masking the GLP Lattice-Based Signature Scheme at Any Order Sonia Belaïd Joint Work with Gilles Barthe, Thomas Espitau, Pierre-Alain Fouque, Benjamin Grégoire, Mélissa Rossi, and Mehdi Tibouchi 1 / 31
More informationOn the Use of Masking to Defeat Power-Analysis Attacks
1/32 On the Use of Masking to Defeat Power-Analysis Attacks ENS Paris Crypto Day February 16, 2016 Presented by Sonia Belaïd Outline Power-Analysis Attacks Masking Countermeasure Leakage Models Security
More informationConsolidating Inner Product Masking
Consolidating Inner Product Masking Josep Balasch 1, Sebastian Faust 2,3, Benedikt Gierlichs 1, Clara Paglialonga 2,3, François-Xavier Standaert 4 1 imec-cosic KU euven, Belgium 2 Ruhr-Universität Bochum,
More informationImproved High-Order Conversion From Boolean to Arithmetic Masking
Improved High-Order Conversion From Boolean to Arithmetic Masking Luk Bettale 1, Jean-Sébastien Coron 2, and Rina Zeitoun 1 1 IDEMIA, France luk.bettale@idemia.com, rina.zeitoun@idemia.com 2 University
More informationFormal Verification of Side-channel Countermeasures via Elementary Circuit Transformations
Formal Verification of Side-channel Countermeasures via Elementary Circuit Transformations Jean-Sébastien Coron University of Luxembourg jean-sebastiencoron@unilu April 9, 2018 Abstract We describe a technique
More informationHigh-Order Conversion From Boolean to Arithmetic Masking
High-Order Conversion From Boolean to Arithmetic Masking Jean-Sébastien Coron University of Luxembourg jean-sebastien.coron@uni.lu Abstract. Masking with random values is an effective countermeasure against
More informationAmortizing Randomness Complexity in Private Circuits
Amortizing Randomness Complexity in Private Circuits Sebastian Faust 1,2, Clara Paglialonga 1,2, Tobias Schneider 1,3 1 Ruhr-Universität Bochum, Germany 2 Technische Universität Darmstadt, Germany 3 Université
More informationMasking the GLP Lattice-Based Signature Scheme at any Order
Masking the GLP Lattice-Based Signature Scheme at any Order Gilles Barthe (IMDEA Software Institute) Sonia Belaïd (CryptoExperts) Thomas Espitau (UPMC) Pierre-Alain Fouque (Univ. Rennes I and IUF) Benjamin
More informationCompositional Verification of Higher-Order Masking
Compositional Verification of Higher-Order Masking Application to a Verifying Masking Compiler Gilles Barthe 2, Sonia Belaïd 1,5, François Dupressoir 2, Pierre-Alain Fouque 4,6, and Benjamin Grégoire 3
More informationMaking Masking Security Proofs Concrete
Making Masking Security Proofs Concrete Or How to Evaluate the Security of any Leaking Device Extended Version Alexandre Duc 1, Sebastian Faust 1,2, François-Xavier Standaert 3 1 HEIG-VD, Lausanne, Switzerland
More informationProvable Security against Side-Channel Attacks
Provable Security against Side-Channel Attacks Matthieu Rivain matthieu.rivain@cryptoexperts.com MCrypt Seminar Aug. 11th 2014 Outline 1 Introduction 2 Modeling side-channel leakage 3 Achieving provable
More informationConsolidating Masking Schemes
Consolidating Masking Schemes Oscar Reparaz, Begül Bilgin, Svetla Nikova, Benedikt Gierlichs, and Ingrid Verbauwhede firstname.lastname@esat.kuleuven.be KU Leuven ESAT/COSIC and iminds, Belgium Abstract.
More informationFast Evaluation of Polynomials over Binary Finite Fields. and Application to Side-channel Countermeasures
Fast Evaluation of Polynomials over Binary Finite Fields and Application to Side-channel Countermeasures Jean-Sébastien Coron 1, Arnab Roy 1,2, Srinivas Vivek 1 1 University of Luxembourg 2 DTU, Denmark
More informationCircuit Compilers with O(1/ log(n)) Leakage Rate
Circuit Compilers with O(1/ log(n)) Leakage Rate Marcin Andrychowicz 1, Stefan Dziembowski 1, and Sebastian Faust 2 1 University of Warsaw 2 Ruhr University Bochum Abstract. The goal of leakage-resilient
More informationStrong Non-Interference and Type-Directed Higher-Order Masking
Strong Non-Interference and Type-Directed Higher-Order Masking Gilles Barthe 1, Sonia Belaïd 2, François Dupressoir 3, Pierre-Alain Fouque 4, Benjamin Grégoire 5, Pierre-Yves Strub 6, and Rébecca Zucchini
More informationInner Product Masking for Bitslice Ciphers and Security Order Amplification for Linear Leakages
Inner Product Masking for Bitslice Ciphers and Security Order Amplification for Linear Leakages Weijia Wang 1, François-Xavier Standaert 2, Yu Yu 1,3, Sihang Pu 1, Junrong Liu 1, Zheng Guo 1, and Dawu
More informationInner Product Masking Revisited
Inner Product Masking Revisited Josep Balasch 1, Sebastian Faust 2, and Benedikt Gierlichs 1 1 KU Leuven Dept. Electrical Engineering-ESAT/COSIC and iminds Kasteelpark Arenberg 10, B-3001 Leuven-Heverlee,
More informationMASKING is the most widely deployed countermeasure
1 Corrections to Further Improving Efficiency of Higher-Order Masking Schemes by Decreasing Randomness Complexity Shuang Qiu, Rui Zhang, Yongbin Zhou, Wei Cheng Abstract Provably secure masking schemes
More informationHorizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme
Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme Alberto Battistello 1, Jean-Sébastien Coron 2, Emmanuel Prouff 3, and Rina Zeitoun 1 1 Oberthur Technologies, France {a.battistello,r.zeitoun}@oberthur.com
More informationProvably Secure Higher-Order Masking of AES
Provably Secure Higher-Order Masking of AES Matthieu Rivain 1 and Emmanuel Prouff 2 1 CryptoExperts matthieu.rivain@cryptoexperts.com 2 Oberthur Technologies e.prouff@oberthur.com Abstract. Implementations
More informationImproved Parallel Mask Refreshing Algorithms Generic Solutions with Parametrized Non-Interference & Automated Optimizations
Improved Parallel Mask Refreshing Algorithms Generic Solutions with Parametrized Non-Interference & Automated Optimizations Gilles Barthe 1, Sonia Belaïd 2, François Dupressoir 3, Pierre-Alain Fouque 4,
More informationImproved Parallel Mask Refreshing Algorithms
Noname manuscript No. (will be inserted by the editor) Improved Parallel Mask Refreshing Algorithms Generic Solutions with Parametrized Non-Interference & Automated Optimizations Gilles Barthe 1 Sonia
More informationOn the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking
On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking Dahmun Goudarzi and Matthieu Rivain CHES 2016, Santa-Barbara Higher-Order Masking x = x 1 + x 2 + + x d 2/28 Higher-Order
More informationSide-Channel Attacks on Threshold Implementations using a Glitch Algebra
Side-Channel Attacks on Threshold Implementations using a Glitch Algebra Serge Vaudenay EPFL CH-1015 Lausanne, Switzerland http://lasec.epfl.ch Abstract. Threshold implementations allow to implement circuits
More informationLS-Designs. Bitslice Encryption for Efficient Masked Software Implementations
Bitslice Encryption for Efficient Masked Software Implementations Vincent Grosso 1 Gaëtan Leurent 1,2 François Xavier Standert 1 Kerem Varici 1 1 UCL, Belgium 2 Inria, France FSE 2014 G Leurent (UCL,Inria)
More informationSharing Independence & Relabeling: Efficient Formal Verification of Higher-Order Masking
Sharing Independence & Relabeling: Efficient Formal Verification of Higher-Order Masking Roderick Bloem, Hannes Gross, Rinat Iusupov, Martin Krenn, and Stefan Mangard Institute for Applied Information
More informationRevisiting a Masked Lookup-Table Compression Scheme
Revisiting a Masked Lookup-Table Compression Scheme Srinivas Vivek University of Bristol, UK sv.venkatesh@bristol.ac.uk Abstract. Lookup-table based side-channel countermeasure is the prime choice for
More informationFormal Verification of Masked Hardware Implementations in the Presence of Glitches
Formal Verification of Masked Hardware Implementations in the Presence of Glitches Roderick Bloem, Hannes Gross, Rinat Iusupov, Bettina Könighofer, Stefan Mangard, and Johannes Winter Institute for Applied
More informationOn the Practical Security of a Leakage Resilient Masking Scheme
On the Practical Security of a Leakage Resilient Masking Scheme T. Roche thomas.roche@ssi.gouv.fr Joint work with E. Prouff and M. Rivain French Network and Information Security Agency (ANSSI) CryptoExperts
More informationHow Fast Can Higher-Order Masking Be in Software?
How Fast Can Higher-Order Masking Be in Software? Dahmun Goudarzi 1,2 and Matthieu Rivain 1 1 CryptoExperts, Paris, France 2 ENS, CNRS, INRIA and PSL Research University, Paris, France dahmun.goudarzi@cryptoexperts.com
More informationSeveral Masked Implementations of the Boyar-Peralta AES S-Box
Several Masked Implementations of the Boyar-Peralta AES S-Box Ashrujit Ghoshal 1[0000 0003 2436 0230] and Thomas De Cnudde 2[0000 0002 2711 8645] 1 Indian Institute of Technology Kharagpur, India ashrujitg@iitkgp.ac.in
More informationConstant-Time Higher-Order Boolean-to-Arithmetic Masking
Constant-Time Higher-Order Boolean-to-Arithmetic Masking Michael Hutter and Michael Tunstall Cryptography Research, 425 Market Street, 11th Floor, San Francisco, CA 94105, United States {michael.hutter,michael.tunstall}@cryptography.com
More informationLeakage Resilient ElGamal Encryption
Asiacrypt 2010, December 9th, Singapore Outline 1 Hybrid Encryption, the KEM/DEM framework 2 ElGamal KEM 3 Leakage Resilient Crypto Why? How? Other models? 4 Leakage Resilient ElGamal CCA1 secure KEM (Key
More informationConnecting and Improving Direct Sum Masking and Inner Product Masking
Connecting and Improving Direct Sum Masking and Inner Product Masking Romain Poussier 1, Qian Guo 1, François-Xavier Standaert 1, Claude Carlet 2, Sylvain Guilley 3 1 ICTEAM/ELEN/Crypto Group, Université
More informationMasking the GLP Lattice-Based Signature Scheme at Any Order
Masking the GLP Lattice-Based Signature Scheme at Any Order Gilles Barthe 1, Sonia Belaïd 2, Thomas Espitau 3, Pierre-Alain Fouque 4, Benjamin Grégoire 5, Mélissa Rossi 6,7, and Mehdi Tibouchi 8 1 IMDEA
More informationEfficient Masked S-Boxes Processing A Step Forward
Efficient Masked S-Boxes Processing A Step Forward Vincent Grosso 1, Emmanuel Prouff 2, François-Xavier Standaert 1 1 ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Belgium. 2 ANSSI, 51 Bd
More informationEciently Masking Binomial Sampling at Arbitrary Orders for Lattice-Based Crypto
Eciently Masking Binomial Sampling at Arbitrary Orders for Lattice-Based Crypto Tobias Schneider 1, Clara Paglialonga 2, Tobias Oder 3, and Tim Güneysu 3,4 1 ICTEAM/ELEN/Crypto Group, Université Catholique
More informationMasking the GLP Lattice-Based Signature Scheme at Any Order
Masking the GLP Lattice-Based Signature Scheme at Any Order Gilles Barthe 1, Sonia Belaïd 2, Thomas Espitau 3, Pierre-Alain Fouque 4, Benjamin Grégoire 5, Mélissa Rossi 6,7, and Mehdi Tibouchi 8 1 IMDEA
More informationConsolidating Security Notions in Hardware Masking
Consolidating Security Notions in Hardware Masking Lauren De Meyer 1, Begül Bilgin 1,2 and Oscar Reparaz 1,3 1 KU Leuven, imec - COSIC, Leuven, Belgium firstname.lastname@esat.kuleuven.be 2 Rambus, Cryptography
More informationDPA-Resistance without routing constraints?
Introduction Attack strategy Experimental results Conclusion Introduction Attack strategy Experimental results Conclusion Outline DPA-Resistance without routing constraints? A cautionary note about MDPL
More informationOn the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking
On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking Dahmun Goudarzi 1,2 and Matthieu Rivain 1 1 CryptoExperts, Paris, France 2 ENS, CNRS, INRIA and PSL Research University,
More informationLectures 1&2: Introduction to Secure Computation, Yao s and GMW Protocols
CS 294 Secure Computation January 19, 2016 Lectures 1&2: Introduction to Secure Computation, Yao s and GMW Protocols Instructor: Sanjam Garg Scribe: Pratyush Mishra 1 Introduction Secure multiparty computation
More informationMasking and Dual-rail Logic Don't Add Up
Masking and Dual-rail Logic Don't Add Up Patrick Schaumont schaum@vt.edu Secure Embedded Systems Group ECE Department Kris Tiri kris.tiri@intel.com Digital Enterprise Group Intel Corporation Our Contributions
More informationStart Simple and then Refine: Bias-Variance Decomposition as a Diagnosis Tool for Leakage Profiling
IEEE TRANSACTIONS ON COMPUTERS, VOL.?, NO.?,?? 1 Start Simple and then Refine: Bias-Variance Decomposition as a Diagnosis Tool for Leakage Profiling Liran Lerman, Nikita Veshchikov, Olivier Markowitch,
More informationAffine Masking against Higher-Order Side Channel Analysis
Affine Masking against Higher-Order Side Channel Analysis Guillaume Fumaroli 1, Ange Martinelli 1, Emmanuel Prouff 2, and Matthieu Rivain 3 1 Thales Communications {guillaume.fumaroli, jean.martinelli}@fr.thalesgroup.com
More informationElliptic Curve Cryptography and Security of Embedded Devices
Elliptic Curve Cryptography and Security of Embedded Devices Ph.D. Defense Vincent Verneuil Institut de Mathématiques de Bordeaux Inside Secure June 13th, 2012 V. Verneuil - Elliptic Curve Cryptography
More informationOptimized Threshold Implementations: Securing Cryptographic Accelerators for Low-Energy and Low-Latency Applications
Optimized Threshold Implementations: Securing Cryptographic Accelerators for Low-Energy and Low-Latency Applications Dušan Božilov 1,2, Miroslav Knežević 1 and Ventzislav Nikov 1 1 NXP Semiconductors,
More informationHow to Compute in the Presence of Leakage
How to Compute in the Presence of Leakage Shafi Goldwasser MIT and The Weizmann Institute of Science Guy N. Rothblum Microsoft Research Abstract We address the following problem: how to execute any algorithm
More informationRhythmic Keccak: SCA Security and Low Latency in HW
Rhythmic Keccak: SCA Security and Low Latency in HW Victor Arribas 1, Begül Bilgin 1, George Petrides 2, Svetla Nikova 1 and Vincent Rijmen 1 1 KU Leuven, imec-cosic, Belgium, name.surname@esat.kuleuven.be
More informationSymbolic Approach for Side-Channel Resistance Analysis of Masked Assembly Codes
Symbolic Approach for Side-Channel Resistance Analysis of Masked Assembly Codes Workshop PROOFS Inès Ben El Ouahma Quentin Meunier Karine Heydemann Emmanuelle Encrenaz Sorbonne Universités, UPMC Univ Paris
More informationSquare Always Exponentiation
Square Always Exponentiation Christophe Clavier 1 Benoit Feix 1,2 Georges Gagnerot 1,2 Mylène Roussellet 2 Vincent Verneuil 2,3 1 XLIM-Université de Limoges, France 2 INSIDE Secure, Aix-en-Provence, France
More informationInvestigations of Power Analysis Attacks on Smartcards *
Investigations of Power Analysis Attacks on Smartcards * Thomas S. Messerges Ezzy A. Dabbish Robert H. Sloan 1 Dept. of EE and Computer Science Motorola Motorola University of Illinois at Chicago tomas@ccrl.mot.com
More informationTHRESHOLD IMPLEMENTATIONS OF ALL 3x3 AND 4x4 S-BOXES
THRESHOLD IMPLEMENTATIONS OF ALL 3x3 AND 4x4 S-BOXES B.Bilgin, S.Nikova, V.Nikov, V.Rijmen, G.Stütz KU Leuven, UTwente, NXP, TU Graz CHES 2012 - Leuven, Belgium 2012-09-10 Countermeasures Search for a
More informationMasking against Side-Channel Attacks: a Formal Security Proof
Masking against Side-Channel Attacks: a Formal Security Proof Emmanuel Prouff 1 and Matthieu Rivain 2 1 ANSSI emmanuel.prouff@ssi.gouv.fr 2 CryptoExperts matthieu.rivain@cryptoexperts.com Abstract. Masking
More informationCryptanalysis of SP Networks with Partial Non-Linear Layers
Cryptanalysis of SP Networks with Partial Non-Linear Layers Achiya Bar-On 1, Itai Dinur 2, Orr Dunkelman 3, Nathan Keller 1, Virginie Lallemand 4, and Boaz Tsaban 1 1 Bar-Ilan University, Israel 2 École
More informationMasking AES with d + 1 Shares in Hardware
Masking AES with d + 1 Shares in Hardware Thomas De Cnudde 1, Oscar Reparaz 1, Begül Bilgin 1, Svetla Nikova 1, Ventzislav Nikov 2 and Vincent Rijmen 1 1 KU Leuven, ESAT-COSIC and iminds, Belgium {name.surname}@esat.kuleuven.be
More informationImplementing GCM on ARMv8
Introduction........ Implementation....... Results.... Conclusion Implementing GCM on ARMv8 Conrado P. L. Gouvêa Julio López KRYPTUS Information Security Solutions University of Campinas CT-RSA 2015 Conrado
More informationBlock Ciphers that are Easier to Mask: How Far Can we Go?
Block Ciphers that are Easier to Mask: How Far Can we Go? Benoît Gérard, Vincent Grosso, María Naya-Plasencia, François-Xavier Standaert To cite this version: Benoît Gérard, Vincent Grosso, María Naya-Plasencia,
More informationComparison of some mask protections of DES against power analysis Kai Cao1,a, Dawu Gu1,b, Zheng Guo1,2,c and Junrong Liu1,2,d
International Conference on Manufacturing Science and Engineering (ICMSE 2015) Comparison of some mask protections of DES against power analysis Kai Cao1,a, Dawu Gu1,b, Zheng Guo1,2,c and Junrong Liu1,2,d
More informationHow to Evaluate Side-Channel Leakages
How to Evaluate Side-Channel Leakages 7. June 2017 Ruhr-Universität Bochum Acknowledgment Tobias Schneider 2 Motivation Security Evaluation Attack based Testing Information theoretic Testing Testing based
More informationHigh (Physical) Security & Lightweight (Symmetric) Cryptography
High (Physical) Security & Lightweight (Symmetric) Cryptography François-Xavier Standaert UCL Crypto Group, Belgium HIGHLIGHT LIGHTCRYPTO, November 2016 Outline Preliminary questions / definitions Side-channel
More informationRandom Delay Insertion: Effective Countermeasure against DPA on FPGAs
Random Delay Insertion: Effective Countermeasure against DPA on FPGAs Lu, Yingxi Dr. Máire O Neill Prof. John McCanny Overview September 2004 PRESENTATION OUTLINE DPA and countermeasures Random Delay Insertion
More informationYet another side-channel attack: Multi-linear Power Analysis attack (MLPA)
Yet another side-channel attack: Multi-linear Power Analysis attack (MLPA) Thomas Roche, Cédric Tavernier Laboratoire LIG, Grenoble, France. Communications and Systems, Le Plessis Robinson, France. Cryptopuces
More informationTheory and Practice of a Leakage Resilient Masking Scheme
Theory and Practice of a Leakage Resilient Masking Scheme Josep Balasch 1, Sebastian Faust 2, Benedikt Gierlichs 1, and Ingrid Verbauwhede 1 1 KU Leuven Dept. Electrical Engineering-ESAT/SCD-COSIC and
More informationPROTECTING CIRCUITS FROM COMPUTATIONALLY BOUNDED AND NOISY LEAKAGE
SIAM J. COMPUT. Vol. 43, No. 5, pp. 1564 1614 c 2014 the Authors PROTECTING CIRCUITS FROM COMPUTATIONALLY BOUNDED AND NOISY LEAKAGE SEBASTIAN FAUST, TAL RABIN, LEONID REYZIN, ERAN TROMER, AND VINOD VAIKUNTANATHAN
More informationHigher-Order Glitches Free Implementation of the AES using Secure Multi-Party Computation Protocols
Higher-Order Glitches Free Implementation of the AES using Secure Multi-Party Computation Protocols Emmanuel Prouff 1 and Thomas Roche 2 1 Oberthur Technologies, 71-73, rue des Hautes Pâtures 92726 Nanterre,
More informationOn the Masking Countermeasure and Higher-Order Power Analysis Attacks
1 On the Masking Countermeasure and Higher-Order Power Analysis Attacks François-Xavier Standaert, Eric Peeters, Jean-Jacques Quisquater UCL Crypto Group, Place du Levant, 3, B-1348 Louvain-La-Neuve, Belgium.
More informationOn the Use of Shamir s Secret Sharing Against Side-Channel Analysis
On the Use of Shamir s Secret Sharing Against Side-Channel Analysis Jean-Sébastien Coron 1, Emmanuel Prouff 2, and Thomas Roche 2 1 Tranef jscoron@tranef.com 2 ANSSI, 51, Bd de la Tour-Maubourg, 75700
More informationPractical Free-Start Collision Attacks on full SHA-1
Practical Free-Start Collision Attacks on full SHA-1 Inria and École polytechnique, France Nanyang Technological University, Singapore Joint work with Thomas Peyrin and Marc Stevens Séminaire Cryptologie
More informationSIDE Channel Analysis (SCA in short) exploits information. Statistical Analysis of Second Order Differential Power Analysis
1 Statistical Analysis of Second Order Differential Power Analysis Emmanuel Prouff 1, Matthieu Rivain and Régis Bévan 3 Abstract Second Order Differential Power Analysis O- DPA is a powerful side channel
More informationMaking the Best of a Leaky Situation: Zero-Knowledge PCPs from Leakage-Resilient Circuits
Making the Best of a Leaky Situation: Zero-Knowledge PCPs from Leakage-Resilient Circuits Yuval Ishai Mor Weiss Guang Yang Abstract A Probabilistically Checkable Proof PCP) allows a randomized verifier,
More informationFully Homomorphic Encryption over the Integers
Fully Homomorphic Encryption over the Integers Many slides borrowed from Craig Marten van Dijk 1, Craig Gentry 2, Shai Halevi 2, Vinod Vaikuntanathan 2 1 MIT, 2 IBM Research Computing on Encrypted Data
More informationSide-channel attacks on PKC and countermeasures with contributions from PhD students
basics Online Side-channel attacks on PKC and countermeasures (Tutorial @SPACE2016) with contributions from PhD students Lejla Batina Institute for Computing and Information Sciences Digital Security Radboud
More informationWhite-Box Cryptography
White-Box Cryptography Matthieu Rivain CARDIS 2017 How to protect a cryptographic key? How to protect a cryptographic key? Well, put it in a smartcard of course!... or any piece of secure hardware But...
More informationA Sound Method for Switching between Boolean and Arithmetic Masking
A Sound Method for Switching between Boolean and Arithmetic Masking Louis Goubin CP8 Crypto Lab, SchlumbergerSema 36-38 rue de la Princesse, BP45 78430 Louveciennes Cedex, France Louis.Goubin@louveciennes.tt.slb.com
More informationFaster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds
Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds I. Chillotti 1 N. Gama 2,1 M. Georgieva 3 M. Izabachène 4 1 2 3 4 Séminaire GTBAC Télécom ParisTech April 6, 2017 1 / 43 Table
More informationBlock Ciphers and Side Channel Protection
Block Ciphers and Side Channel Protection Gregor Leander ECRYPT-CSA@CHANIA-2017 Main Idea Side-Channel Resistance Without protection having a strong cipher is useless Therefore: Masking necessary Usual
More informationProtecting AES with Shamir s Secret Sharing Scheme
Protecting AES with Shamir s Secret Sharing Scheme Louis Goubin 1 and Ange Martinelli 1,2 1 Versailles Saint-Quentin-en-Yvelines University Louis.Goubin@prism.uvsq.fr 2 Thales Communications jean.martinelli@fr.thalesgroup.com
More informationA Composition Theorem for Universal One-Way Hash Functions
A Composition Theorem for Universal One-Way Hash Functions Victor Shoup IBM Zurich Research Lab, Säumerstr. 4, 8803 Rüschlikon, Switzerland sho@zurich.ibm.com Abstract. In this paper we present a new scheme
More informationDifferential Power Analysis Attacks Based on the Multiple Correlation Coefficient Xiaoke Tang1,a, Jie Gan1,b, Jiachao Chen2,c, Junrong Liu3,d
4th International Conference on Sensors, Measurement and Intelligent Materials (ICSMIM 2015) Differential Power Analysis Attacks Based on the Multiple Correlation Coefficient Xiaoke Tang1,a, Jie Gan1,b,
More informationTrapdoor Computational Fuzzy Extractors
1 Trapdoor Computational Fuzzy Extractors Charles Herder, Ling Ren, Marten van Dijk, Meng-Day (Mandel) Yu, Srinivas Devadas cherder@mit.edu, renling@mit.edu, vandijk@engr.uconn.edu, myu@verayo.com, devadas@mit.edu
More informationAn Introduction to Quantum Information and Applications
An Introduction to Quantum Information and Applications Iordanis Kerenidis CNRS LIAFA-Univ Paris-Diderot Quantum information and computation Quantum information and computation How is information encoded
More informationHardware implementations of ECC
Hardware implementations of ECC The University of Electro- Communications Introduction Public- key Cryptography (PKC) The most famous PKC is RSA and ECC Used for key agreement (Diffie- Hellman), digital
More informationFaster Evaluation of S-Boxes via Common Shares
Faster Evaluation of S-Boxes via Common Shares J-S. Coron, A. Greuet, E. Prouff, R. Zeitoun F.Rondepierre CHES 2016 CHES 2016 1 S-Box Evaluation AES By definition: S AES (x) = A x 254 + b F 2 8[x] CHES
More informationHigher-Order Threshold Implementations
Higher-Order Threshold Implementations Begül Bilgin 1,2, Benedikt Gierlichs 1, Svetla Nikova 1, Ventzislav Nikov 3, and Vincent Rijmen 1 1 KU Leuven, ESAT-COSIC and iminds, Belgium {name.surname}@esat.kuleuven.be
More informationLeakage-Resilient Symmetric Cryptography Under Empirically Verifiable Assumptions
Leakage-Resilient Symmetric Cryptography Under Empirically Verifiable Assumptions François-Xavier Standaert 1, Olivier Pereira 1, Yu Yu 2 1 ICTEAM/ELEN/Crypto Group, Université catholique de Louvain, Belgium.
More informationGF(2 m ) arithmetic: summary
GF(2 m ) arithmetic: summary EE 387, Notes 18, Handout #32 Addition/subtraction: bitwise XOR (m gates/ops) Multiplication: bit serial (shift and add) bit parallel (combinational) subfield representation
More informationTemplate Attacks with Partial Profiles and Dirichlet Priors: Application to Timing Attacks June 18, 2016
Template Attacks with Partial Profiles and Dirichlet Priors: Application to Timing Attacks June 18, 2016 Eloi de Chérisey, Sylvain Guilley, Darshana Jayasinghe and Olivier Rioul Contents Introduction Motivations
More informationA Unified Framework for the Analysis of Side-Channel Key Recovery Attacks
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks François-Xavier Standaert 1, Tal G. Malkin 2, Moti Yung 2,3 1 UCL Crypto Group, Université Catholique de Louvain. 2 Dept. of Computer
More informationGeneralized Polynomial Decomposition for S-boxes with Application to Side-Channel Countermeasures
Generalized Polynomial Decomposition for S-boxes with Application to Side-Channel Countermeasures Dahmun Goudarzi 1,2, Matthieu Rivain 1, Damien Vergnaud 2, and Srinivas Vivek 3 1 CryptoExperts, Paris,
More informationLeakage Resilient Cryptography in Practice
Leakage Resilient Cryptography in Practice François-Xavier Standaert 1, Olivier Pereira 1, Yu Yu 1, Jean-Jacques Quisquater 1, Moti Yung 2,3, Elisabeth Oswald 4 1 Université catholique de Louvain, Crypto
More informationNew polynomials for strong algebraic manipulation detection codes 1
Fifteenth International Workshop on Algebraic and Combinatorial Coding Theory June 18-24, 2016, Albena, Bulgaria pp. 7 12 New polynomials for strong algebraic manipulation detection codes 1 Maksim Alekseev
More informationA Simple Architectural Enhancement for Fast and Flexible Elliptic Curve Cryptography over Binary Finite Fields GF(2 m )
A Simple Architectural Enhancement for Fast and Flexible Elliptic Curve Cryptography over Binary Finite Fields GF(2 m ) Stefan Tillich, Johann Großschädl Institute for Applied Information Processing and
More informationFast Cut-and-Choose Based Protocols for Malicious and Covert Adversaries
Fast Cut-and-Choose Based Protocols for Malicious and Covert Adversaries Yehuda Lindell Dept. of Computer Science Bar-Ilan University, Israel lindell@biu.ac.il February 8, 2015 Abstract In the setting
More informationPractical Free-Start Collision Attacks on 76-step SHA-1
Practical Free-Start Collision Attacks on 76-step SHA-1 Inria and École polytechnique, France Nanyang Technological University, Singapore Joint work with Thomas Peyrin and Marc Stevens CWI, Amsterdam 2015
More informationQuantum Differential and Linear Cryptanalysis
Quantum Differential and Linear Cryptanalysis Marc Kaplan 1,2 Gaëtan Leurent 3 Anthony Leverrier 3 María Naya-Plasencia 3 1 LTCI, Télécom ParisTech 2 School of Informatics, University of Edinburgh 3 Inria
More informationRSA Key Extraction via Low- Bandwidth Acoustic Cryptanalysis. Daniel Genkin, Adi Shamir, Eran Tromer
RSA Key Extraction via Low- Bandwidth Acoustic Cryptanalysis Daniel Genkin, Adi Shamir, Eran Tromer Mathematical Attacks Input Crypto Algorithm Key Output Goal: recover the key given access to the inputs
More information