Skip to main content
SpringerLink
Log in

Combined Fault and Leakage Resilience: Composability, Constructions and Compiler

  • Conference paper
  • First Online:
Advances in Cryptology – CRYPTO 2023 (CRYPTO 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14083))

Included in the following conference series:

  • 1028 Accesses

Abstract

Real-world cryptographic implementations nowadays are not only attacked via classical cryptanalysis but also via implementation attacks, including passive attacks (observing side-channel information about the inner computation) and active attacks (inserting faults into the computation). While countermeasures exist for each type of attack, countermeasures against combined attacks have only been considered recently. Masking is a standard technique for protecting against passive side-channel attacks, but protecting against active attacks with additive masking is challenging. Previous approaches include running multiple copies of a masked computation, requiring a large amount of randomness or being vulnerable to horizontal attacks. An alternative approach is polynomial masking, which is inherently fault-resistant.

This work presents a compiler based on polynomial masking that achieves linear computational complexity for affine functions and cubic complexity for non-linear functions. The resulting compiler is secure against attackers using region probes and adaptive faults. In addition, the notion of fault-invariance is introduced to improve security against combined attacks without the need to consider all possible fault combinations. Our approach has the best-known asymptotic efficiency among all known approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    In the full version we show that the construction has a bug.

  2. 2.

    Alternatively, we give a straight forward proof of Theorem 1 in the full version.

References

  1. Aly, A., Ashur, T., Ben-Sasson, E., Dhooghe, S., Szepieniec, A.: Design of symmetric-key primitives for advanced cryptographic protocols. IACR Trans. Symm. Cryptol. 2020(3), 1–45 (2020)

    Google Scholar 

  2. Andrychowicz, M., Dziembowski, S., Faust, S.: Circuit compilers with \(O(1/\log (n))\) leakage rate. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. Part II, volume 9666 of LNCS, pp. 586–615. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_21

    Chapter  Google Scholar 

  3. Albrecht, M., Grassi, L., Rechberger, C., Roy, A., Tiessen, T.: MiMC: efficient encryption and cryptographic hashing with minimal multiplicative complexity. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 191–219. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_7

    Chapter  Google Scholar 

  4. Albrecht, M.R., Rechberger, C., Schneider, T., Tiessen, T., Zohner, M.: Ciphers for MPC and FHE. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 430–454. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_17

    Chapter  Google Scholar 

  5. Barthe, G., Belaïd, S., Dupressoir, F., Fouque, P.-A., Grégoire, B., Strub, P.-Y.: Verified proofs of higher-order masking. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 457–485. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_18

    Chapter  Google Scholar 

  6. Barthe, G.: Strong non-interference and type-directed higher-order masking. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S., (eds.) ACM CCS 2016, pp. 116–129. ACM Press (October 2016)

    Google Scholar 

  7. Battistello, A., Coron, J.-S., Prouff, E., Zeitoun, R.: Horizontal side-channel attacks and countermeasures on the ISW masking scheme. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 23–39. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53140-2_2

    Chapter  Google Scholar 

  8. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 313–314. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_19

    Chapter  Google Scholar 

  9. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: 20th ACM STOC, pp. 1–10. ACM Press (May 1988)

    Google Scholar 

  10. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052259

    Chapter  Google Scholar 

  11. Bronchain, O., Standaert, F.X.: Breaking masked implementations with many shares on 32-bit software platforms. IACR TCHES 2021(3), 202–234 (2021). https://tches.iacr.org/index.php/TCHES/article/view/8973

  12. Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal correlation analysis on exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 10. LNCS, vol. 6476, pp. 46–61. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17650-0_5

    Chapter  Google Scholar 

  13. Clavier, C.: Secret external encodings do not prevent transient fault analysis. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 181–194. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_13

    Chapter  Google Scholar 

  14. De Cnudde, T., Nikova, S.: More efficient private circuits II through threshold implementations. In: FDTC 2016, pp. 114–124. IEEE Computer Society (2016)

    Google Scholar 

  15. Coron, J.-S., Prouff, E., Roche, T.: On the use of shamir’s secret sharing against side-channel analysis. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 77–90. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37288-9_6

    Chapter  Google Scholar 

  16. Cassiers, G., Standaert, F.-X.: Trivially and efficiently composing masked gadgets with probe isolating non-interference. IEEE Trans. Inf. Forensics Secur. 15, 2542–2555 (2020)

    Article  Google Scholar 

  17. Duc, A., Dziembowski, S., Faust, S.: Unifying leakage models: from probing attacks to noisy leakage. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 423–440. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_24

    Chapter  Google Scholar 

  18. Dobraunig, C., Eichlseder, M., Korak, T., Mangard, S., Mendel, F., Primas, R.: SIFA: Exploiting ineffective fault inductions on symmetric cryptography. IACR TCHES 2018(3), 547–572 (2018). https://tches.iacr.org/index.php/TCHES/article/view/7286

  19. Dhooghe, S., Nikova, S.: My gadget just cares for me - how NINA can prove security against combined attacks. Cryptology ePrint Archive, Report 2019/615 (2019). https://eprint.iacr.org/2019/615

  20. Dhooghe, S., Nikova, S.: Let’s tessellate: tiling for security against advanced probe and fault adversaries. In: Liardet, P.-Y., Mentens, N. (eds.) CARDIS 2020. LNCS, vol. 12609, pp. 181–195. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-68487-7_12

    Chapter  Google Scholar 

  21. Dhooghe, S., Nikova, S.: My gadget just cares for me - how NINA can prove security against combined attacks. In: Jarecki, S. (ed.) CT-RSA 2020. LNCS, vol. 12006, pp. 35–55. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-030-40186-3_3

    Chapter  Google Scholar 

  22. Feldtkeller, J., Richter-Brockmann, J., Sasdrich, P., Güneysu, T.: CINI MINIS: domain isolation for fault and combined security. In: CCS, pp. 1023–1036. ACM (2022)

    Google Scholar 

  23. Grassi, L., Khovratovich, D., Rechberger, C., Roy, A., Schofnegger, M.: Poseidon: A new hash function for zero-knowledge proof systems. In: Bailey, M., Greenstadt, R., (eds.) USENIX Security 2021, pp. 519–535. USENIX Association (August 2021)

    Google Scholar 

  24. Grassi, L., Lüftenegger, R., Rechberger, C., Rotaru, D., Schofnegger, M.: On a generalization of substitution-permutation networks: The HADES design strategy. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12106, pp. 674–704. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45724-2_23

    Chapter  Google Scholar 

  25. Goubin, L., Martinelli, A.: Protecting AES with shamir’s secret sharing scheme. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 79–94. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_6

    Chapter  Google Scholar 

  26. Goudarzi, D., Prest, T., Rivain, M., Vergnaud, D.: Probing security through input-output separation and revisited quasilinear masking. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(3), 599–640 (2021)

    Article  Google Scholar 

  27. Ha, J., Kim, S., Lee, B., Lee, J., Son, M.: Rubato: Noisy ciphers for approximate homomorphic encryption. In: Dunkelman, O., Dziembowski, S., (eds) EUROCRYPT 2022, Part I. LNCS, vol. 13275, pp. 581–610. Springer, Heidelberg (May/June 2022). https://doi.org/10.1007/978-3-031-06944-4_20

  28. Ishai, Y., Prabhakaran, M., Sahai, A., Wagner, D.: Private Circuits II: keeping secrets in tamperable circuits. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 308–327. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_19

    Chapter  MATH  Google Scholar 

  29. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_27

    Chapter  Google Scholar 

  30. Luo, P., Fei, Y., Zhang, L., Ding, A.A.: Side-channel power analysis of different protection schemes against fault attacks on AES. In: ReConFig 2014, pp. 1–6. IEEE (2014)

    Google Scholar 

  31. Oren, Y., Renauld, M., Standaert, F.-X., Wool, A.: Algebraic side-channel attacks beyond the hamming weight leakage model. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 140–154. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33027-8_9

    Chapter  Google Scholar 

  32. Reparaz, O., De Meyer, L., Bilgin, B., Arribas, V., Nikova, S., Nikov, V., Smart, N.P.: CAPA: The spirit of beaver against physical attacks. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. Part I, volume 10991 of LNCS, pp. 121–151. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-319-96884-1_5

    Chapter  Google Scholar 

  33. Regazzoni, F., Eisenbarth, T., Breveglieri, L., Ienne, P., Koren, I.: Can knowledge regarding the presence of countermeasures against fault attacks simplify power attacks on cryptographic devices? In: Bolchini, C., Kim, Y.-B., Gizopoulos, D., Tehranipoor, M., (eds.) DFT 2008, pp. 202–210. IEEE Computer Society (2008)

    Google Scholar 

  34. Richter-Brockmann, J., Feldtkeller, J., Sasdrich, P., Güneysu, T.: VERICA - verification of combined attacks automated formal verification of security against simultaneous information leakage and tampering. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2022(4), 255–284 (2022)

    Article  Google Scholar 

  35. Roche, T., Prouff, E.: Higher-order glitch free implementation of the AES using secure multi-party computation protocols - extended version. J. Cryptogr. Eng. 2(2), 111–127 (2012)

    Article  Google Scholar 

  36. Seker, O., Fernandez-Rubio, A., Eisenbarth, T., Steinwandt, R.: Extending glitch-free multiparty protocols to resist fault injection attacks. IACR TCHES 2018(3), 394–430 (2018). https://tches.iacr.org/index.php/TCHES/article/view/7281

  37. Schneider, T., Moradi, A., Güneysu, T.: ParTI – towards combined hardware countermeasures against side-channel and fault-injection attacks. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 302–332. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_11

    Chapter  Google Scholar 

  38. Veyrat-Charvillon, N., Gérard, B., Standaert, F.-X.: Soft analytical side-channel attacks. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 282–296. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45611-8_15

    Chapter  Google Scholar 

Download references

Acknowledgment

This work was partly supported by the German Research Foundation (DFG) via the DFG CRC 1119 CROSSING (project S7), by the German Federal Ministry of Education and Research (BMBF) and the Hessen State Ministry for Higher Education, Research and the Arts within their joint support of the National Research Center for Applied Cybersecurity ATHENE, and by the European Commission(ERCEA), ERC Grant Agreement 101044770 CRYPTOLAYER. This work has been partially supported by BMBF through the VE-Jupiter project. We thank the anonymous reviewers for the helpful support.

Author information

Authors and Affiliations

  1. Institute for Theoretical Computer Science, University of Lübeck, Lübeck, Germany

    Sebastian Berndt

  2. Institute for IT Security, University of Lübeck, Lübeck, Germany

    Thomas Eisenbarth

  3. TU Darmstadt, Darmstadt, Germany

    Sebastian Faust & Maximilian Orlt

  4. Hamburg University of Technology, Hamburg, Germany

    Marc Gourjon

  5. NXP Semiconductors, Hamburg, Germany

    Marc Gourjon & Okan Seker

Authors
  1. Sebastian Berndt
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thomas Eisenbarth
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sebastian Faust
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Marc Gourjon
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Maximilian Orlt
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Okan Seker
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sebastian Faust .

Editor information

Editors and Affiliations

  1. Rambus Inc., San Jose, CA, USA

    Helena Handschuh

  2. Brown University, Providence, RI, USA

    Anna Lysyanskaya

Rights and permissions

Reprints and permissions

Copyright information

© 2023 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Berndt, S., Eisenbarth, T., Faust, S., Gourjon, M., Orlt, M., Seker, O. (2023). Combined Fault and Leakage Resilience: Composability, Constructions and Compiler. In: Handschuh, H., Lysyanskaya, A. (eds) Advances in Cryptology – CRYPTO 2023. CRYPTO 2023. Lecture Notes in Computer Science, vol 14083. Springer, Cham. https://doi.org/10.1007/978-3-031-38548-3_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-38548-3_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-38547-6

  • Online ISBN: 978-3-031-38548-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation