Skip to main content
SpringerLink
Log in

Higher-Order Masking Scheme for Trivium Hardware Implementation

  • Conference paper
  • First Online:
Information Security and Cryptology (Inscrypt 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13837))

Included in the following conference series:

  • 631 Accesses

Abstract

Trivium as a representative stream cipher has been adopted by ISO/IEC in 2012. It can be foreseen that Trivium will be widely used to achieve the goal of information security. In practice, probing attacks can be used to recover key bits used by an implementation of Trivium under the (glitch-extended) probing model. In light of this, higher-order masking scheme secure under the glitch-extended probing model should be proposed for Trivium. Inspired by the ideas of the DOM masking scheme proposed by Gross et al. and the CHES 2021 masking scheme proposed by Shahmirzadi et al., we propose two versions of higher-order masking scheme for Trivium. We analyze the security of two versions of higher-order masking scheme under the glitch-extended probing model. Then, the performance of two versions of higher-order masking scheme is evaluated on ASIC and FPGA with or without the pipeline technique, and meaningful observations are obtained. Overall, higher-order masking schemes that are secure under the glitch-extended probing model are proposed for Trivium and their performances are evaluated on typical hardware platforms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2

    Chapter  Google Scholar 

  2. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_26

    Chapter  Google Scholar 

  3. Coron, J.-S., Goubin, L.: On Boolean and arithmetic masking against differential power analysis. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 231–237. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44499-8_18

    Chapter  MATH  Google Scholar 

  4. Coron, J.-S., Kizhvatov, I.: An efficient method for random delay generation in embedded software. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 156–170. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_12

    Chapter  MATH  Google Scholar 

  5. De Cannière, C., Preneel, B.: Trivium. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 244–266. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_18

    Chapter  Google Scholar 

  6. eSTREAM: Ecrypt stream cipher project. http://www.ecrypt.eu.org/stream

  7. Faust, S., Grosso, V., Merino Del Pozo, S., Paglialonga, C., Standaert, F.X.: Composable masking schemes in the presence of physical defaults & the robust probing model. IACR Trans. Cryptogr. Hardware Embed. Syst. 89–120 (2018). https://doi.org/10.13154/tches.v2018.i3.89-120

  8. Fischer, W., Gammel, B.M., Kniffler, O., Velten, J.: Differential power analysis of stream ciphers. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 257–270. Springer, Heidelberg (2006). https://doi.org/10.1007/11967668_17

    Chapter  Google Scholar 

  9. Fu, X., Wang, X., Dong, X., Meier, W.: A key-recovery attack on 855-round Trivium. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10992, pp. 160–184. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96881-0_6

    Chapter  Google Scholar 

  10. Gilbert Goodwill, B.J., Jaffe, J., Rohatgi, P., et al.: A testing methodology for side-channel resistance validation. In: NIST Non-invasive Attack Testing Workshop, vol. 7, pp. 115–136 (2011)

    Google Scholar 

  11. Gross, H., Mangard, S.: A unified masking approach. J. Cryptogr. Eng. 8(2), 109–124 (2018). https://doi.org/10.1007/s13389-018-0184-y

    Article  Google Scholar 

  12. Groß, H., Mangard, S., Korak, T.: Domain-oriented masking: compact masked hardware implementations with arbitrary protection order. In: TIS@ CCS, p. 3 (2016)

    Google Scholar 

  13. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_27

    Chapter  Google Scholar 

  14. ISO/IEC: Information technology - Security techniques - Lightweight cryptography - Part 3: Stream ciphers. Standard, International Organization for Standardization, Geneva, CH (2012)

    Google Scholar 

  15. Jia, Y., Hu, Y., Wang, F., Wang, H.: Correlation power analysis of Trivium. Secur. Commun. Netw. 5(5), 479–484 (2012)

    Article  Google Scholar 

  16. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25

    Chapter  Google Scholar 

  17. Mangard, S., Popp, T., Gammel, B.M.: Side-channel leakage of masked CMOS gates. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351–365. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30574-3_24

    Chapter  Google Scholar 

  18. Mangard, S., Pramstaller, N., Oswald, E.: Successfully attacking masked AES hardware implementations. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 157–171. Springer, Heidelberg (2005). https://doi.org/10.1007/11545262_12

    Chapter  Google Scholar 

  19. Mangard, S., Schramm, K.: Pinpointing the side-channel leakage of masked AES hardware implementations. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 76–90. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_7

    Chapter  Google Scholar 

  20. Messerges, T.S.: Using second-order power analysis to attack DPA resistant software. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44499-8_19

    Chapter  Google Scholar 

  21. Nikova, S., Rechberger, C., Rijmen, V.: Threshold implementations against side-channel attacks and glitches. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 529–545. Springer, Heidelberg (2006). https://doi.org/10.1007/11935308_38

    Chapter  MATH  Google Scholar 

  22. Reparaz, O., Bilgin, B., Nikova, S., Gierlichs, B., Verbauwhede, I.: Consolidating masking schemes. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 764–783. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_37

    Chapter  Google Scholar 

  23. Schneider, T., Moradi, A.: Leakage assessment methodology. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 495–513. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_25

    Chapter  Google Scholar 

  24. Shahmirzadi, A.R., Moradi, A.: Re-consolidating first-order masking schemes: nullifying fresh randomness. IACR Trans. Cryptogr. Hardware Embed. Syst. 305–342 (2021)

    Google Scholar 

  25. Shahmirzadi, A.R., Moradi, A.: Second-order SCA security with almost no fresh randomness. IACR Trans. Cryptogr. Hardw. Embed. Syst. 708–755 (2021)

    Google Scholar 

  26. Standaert, F.-X.: How (not) to use Welch’s T-test in side-channel security evaluations. In: Bilgin, B., Fischer, J.-B. (eds.) CARDIS 2018. LNCS, vol. 11389, pp. 65–79. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-15462-2_5

    Chapter  Google Scholar 

  27. Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: a comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 740–757. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_44

    Chapter  Google Scholar 

  28. Xilinx: 7 series FPGAs data sheet: Overview. https://www.xilinx.com

  29. Xilinx: Vivado design suite - HLx editions. https://www.xilinx.com/products/design-tools/vivado.html

  30. Ye, C.D., Tian, T., Zeng, F.Y.: The MILP-aided conditional differential attack and its application to Trivium. Des. Codes Crypt. 89(2), 317–339 (2021)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Acknowledgments

This work was supported by the National Key Research and Development Program of China [No. 2020YFB1805402], the Open Fund of Advanced Cryptography and System Security Key Laboratory of Sichuan Province [Grant No. SKLACSS-202116] and the National Natural Science Foundation of China [Grants No. 61872359, No. 61936008 and No. 62272451].

Author information

Authors and Affiliations

  1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Bohan Li, Hailong Zhang & Dongdai Lin

  2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China

    Bohan Li, Hailong Zhang & Dongdai Lin

Authors
  1. Bohan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hailong Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dongdai Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hailong Zhang .

Editor information

Editors and Affiliations

  1. Institute of Information Engineering, CAS, Beijing, China

    Yi Deng

  2. Columbia University, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Li, B., Zhang, H., Lin, D. (2023). Higher-Order Masking Scheme for Trivium Hardware Implementation. In: Deng, Y., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2022. Lecture Notes in Computer Science, vol 13837. Springer, Cham. https://doi.org/10.1007/978-3-031-26553-2_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-26553-2_18

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-26552-5

  • Online ISBN: 978-3-031-26553-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation