
Does Coupling Affect the Security of Masked Implementations?

Conference paper. Constructive Side-Channel Analysis and Secure Design (COSADE 2017)

Abstract

Masking schemes achieve provable security against side-channel analysis by using secret sharing to decorrelate the key-dependent intermediate values of a cryptographic algorithm from the side-channel information. To account for various physical effects, masking schemes make assumptions on how the underlying leakage mechanisms of hardware or software behave. In this paper, we investigate the effect of physical placement on security, using leakage assessment on power measurements collected from an FPGA. In order to differentiate from other masking failures, we use threshold implementations as the masking scheme in conjunction with a high-entropy pseudorandom number generator. We show that we can observe differences in—possibly—exploitable leakage by placing functions corresponding to different shares of a cryptographic implementation in close proximity.
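The leakage assessment the abstract refers to is, in practice, the non-specific fixed-versus-random Welch t-test (the TVLA methodology): two sets of power traces, one recorded with a fixed input and one with random inputs, are compared sample point by sample point, and any point whose |t| exceeds the conventional bound of 4.5 is flagged as first-order leakage. The block below is an added example and not code from the paper or its authors. It implements that test over constructed traces (unit Gaussian noise with a mean shift injected at one sample point, standing in for a data-dependent effect such as coupling between neighbouring shares); the function names, the trace generator, and the shift size are the example's own assumptions, and the paper's FPGA measurements and placement experiments are not reproduced.

```python
import math
import random

# Conventional |t| bound of the TVLA methodology; exceeding it at any
# sample point is taken as evidence of first-order leakage.
TVLA_THRESHOLD = 4.5


def welch_t(group_a, group_b):
    """Welch's t-statistic between two independent samples (lists of floats)."""
    n_a, n_b = len(group_a), len(group_b)
    mean_a = sum(group_a) / n_a
    mean_b = sum(group_b) / n_b
    var_a = sum((x - mean_a) ** 2 for x in group_a) / (n_a - 1)
    var_b = sum((x - mean_b) ** 2 for x in group_b) / (n_b - 1)
    denom = math.sqrt(var_a / n_a + var_b / n_b)
    # Two identical constant samples give a zero denominator; report no difference.
    return 0.0 if denom == 0.0 else (mean_a - mean_b) / denom


def tvla(fixed_traces, random_traces, threshold=TVLA_THRESHOLD):
    """Non-specific fixed-vs-random t-test, one statistic per sample point.

    Returns (t_values, leaky_indices); leaky_indices lists every sample
    point whose |t| exceeds the threshold.
    """
    n_samples = len(fixed_traces[0])
    t_values = []
    for i in range(n_samples):
        column_fixed = [trace[i] for trace in fixed_traces]
        column_random = [trace[i] for trace in random_traces]
        t_values.append(welch_t(column_fixed, column_random))
    leaky = [i for i, t in enumerate(t_values) if abs(t) > threshold]
    return t_values, leaky


def simulate_traces(n_traces, n_samples, seed, leak_index=None, leak_shift=0.0):
    """Constructed power traces (not measurements): unit Gaussian noise, plus an
    optional mean shift at one sample point standing in for a data-dependent
    effect such as coupling between the wires of neighbouring shares."""
    rng = random.Random(seed)
    traces = []
    for _ in range(n_traces):
        trace = [rng.gauss(0.0, 1.0) for _ in range(n_samples)]
        if leak_index is not None:
            trace[leak_index] += leak_shift
        traces.append(trace)
    return traces


def run_assessment(n_traces=2000, n_samples=20, leak_index=7, leak_shift=0.5):
    """Assess a constructed fixed-input set (carrying the injected shift) against
    a constructed random-input set; leak_shift=0.0 models a leak-free design."""
    fixed = simulate_traces(n_traces, n_samples, seed=1,
                            leak_index=leak_index, leak_shift=leak_shift)
    rand = simulate_traces(n_traces, n_samples, seed=2)
    return tvla(fixed, rand)


if __name__ == "__main__":
    t_values, leaky = run_assessment()
    print("max |t| = %.1f, leaky sample points: %s"
          % (max(abs(t) for t in t_values), leaky))
```

With 2000 traces per set and a mean shift of half the noise standard deviation, the flagged point reaches |t| of roughly 16 while every other point stays well inside the bound; with the shift set to 0.0 the same run flags nothing. Two design points matter for a real evaluation: the fixed and random sets must be interleaved during acquisition so that drift does not masquerade as leakage, and the threshold only bounds the probability of a false positive, so a flagged point should be confirmed on an independent set of traces before drawing conclusions about placement.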



Acknowledgments

This work was supported by NIST with the research grant 60NANB15D346, by the Research Council KU Leuven, OT/13/071 and by the Flemish Government through FWO project Cryptography secured against side-channel attacks by tailored implementations enabled by future technologies (G0842.13). Begül Bilgin and Benedikt Gierlichs are Postdoctoral Fellows of the Fund for Scientific Research - Flanders (FWO). Thomas De Cnudde is funded by a research grant of the Institute for the Promotion of Innovation through Science and Technology in Flanders (IWT-Vlaanderen).

Author information

Corresponding author: Thomas De Cnudde.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

De Cnudde, T., Bilgin, B., Gierlichs, B., Nikov, V., Nikova, S., Rijmen, V. (2017). Does Coupling Affect the Security of Masked Implementations? In: Guilley, S. (ed.) Constructive Side-Channel Analysis and Secure Design. COSADE 2017. Lecture Notes in Computer Science, vol 10348. Springer, Cham. https://doi.org/10.1007/978-3-319-64647-3_1

  • DOI: https://doi.org/10.1007/978-3-319-64647-3_1
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-64646-6
  • Online ISBN: 978-3-319-64647-3
  • eBook Packages: Computer Science (R0)