
Categorizing all linear codes of IPM over \({\mathbb {F}}_{2^{8}}\)

Cryptography and Communications

Abstract

Inner Product Masking (IPM) is a generalization of several masking schemes, including Boolean masking, that protects cryptographic implementations against side-channel analysis. The main advantage of IPM is that it provides higher side-channel resistance than Boolean masking with the same number of shares. In this paper, we follow a coding-theoretic approach and categorize all linear codes of IPM with n = 2 shares over the finite field \({\mathbb {F}}_{2^{8}}\) in terms of side-channel resistance. We focus on 2-share masking schemes because, at bit level, they provide up to 3rd-order security (much higher than the 1st-order security of Boolean masking). We present the codes that are optimal for IPM in the sense of side-channel resistance, assessed by the signal-to-noise ratio (SNR) and the mutual information (MI). We also show that IPM instances built on equivalent linear codes have comparable levels of side-channel resistance. Furthermore, we take the Best Known Linear Codes into consideration for comparison. The numerical results for SNR and MI confirm the effectiveness of the proposed categorization.



Notes

  1. The only criterion for a BKLC is the highest minimum Hamming distance [18].

  2. As an example, this irreducible polynomial is used to construct the optimal codes in [10].

References

  1. Akkar, M.-L., Goubin, L.: A generic protection against high-order differential power analysis. In: Proceedings of FSE '03, volume 2887 of Lecture Notes in Computer Science, pp. 192–205. Springer, Berlin (2003)

  2. Balasch, J., Faust, S., Gierlichs, B.: Inner product masking revisited. In: Oswald, E., Fischlin, M. (eds.) Advances in Cryptology - EUROCRYPT 2015 - 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26–30, 2015, Proceedings, Part I, volume 9056 of Lecture Notes in Computer Science (2015)

  3. Balasch, J., Faust, S., Gierlichs, B., Paglialonga, C., Standaert, F.-X.: Consolidating inner product masking. In: Takagi, T., Peyrin, T. (eds.) Advances in Cryptology - ASIACRYPT 2017 - 23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3–7, 2017, Proceedings, Part I, volume 10624 of Lecture Notes in Computer Science, pp. 724–754. Springer (2017)

  4. Barthe, G., Dupressoir, F., Faust, S., Grégoire, B., Standaert, F.-X., Strub, P.-Y.: Parallel implementations of masking schemes and the bounded moment leakage model. In: Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30 - May 4, 2017, Proceedings, Part I, volume 10210 of Lecture Notes in Computer Science, pp. 535–566 (2017)

  5. Betsumiya, K., Harada, M.: Binary optimal odd formally self-dual codes. Des. Codes Cryptography 23(1), 11–22 (2001). http://www.math.nagoya-u.ac.jp/koichi/paper/fsd-odd.pdf

  6. Brier, É., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) Cryptographic Hardware and Embedded Systems - CHES 2004: 6th International Workshop Cambridge, MA, USA, August 11-13, 2004. Proceedings, volume 3156 of Lecture Notes in Computer Science, pp. 16–29. Springer (2004)

  7. Bringer, J., Carlet, C., Chabanne, H., Guilley, S., Maghrebi, H.: Orthogonal direct sum masking - a smartcard friendly computation paradigm in a code, with builtin protection against side-channel and fault attacks. In: Naccache, D., Sauveron, D. (eds.) Information Security Theory and Practice. Securing the Internet of Things - 8th IFIP WG 11.2 International Workshop, WISTP 2014, Heraklion, Crete, Greece, June 30 - July 2, 2014 Proceedings, volume 8501 of Lecture Notes in Computer Science, pp. 40–56. Springer (2014)

  8. Carlet, C., Danger, J.-L., Guilley, S., Maghrebi, H., Prouff, E.: Achieving side-channel high-order correlation immunity with leakage squeezing. J. Cryptographic Engineering 4(2), 107–121 (2014)

  9. Carlet, C., Guilley, S.: Statistical properties of side-channel and fault injection attacks using coding theory. Cryptogr. Commun. 10(5), 909–933 (2018)

  10. Cheng, W., Carlet, C., Goli, K., Danger, J.-L., Guilley, S.: Detecting faults in inner product masking scheme - IPM-FD: IPM with fault detection. In: 8th International Workshop on Security Proofs for Embedded Systems (PROOFS 2019), Atlanta, GA, USA, August 24 (2019)

  11. Cheng, W., Guilley, S., Carlet, C., Mesnager, S., Danger, J.-L.: Optimizing inner product masking scheme by a coding theory approach. IEEE Trans. Inf. Forensics Secur. 16, 220–235 (2021)

  12. Cheng, W., Guilley, S., Danger, J.-L., Carlet, C., Mesnager, S.: Optimal linear codes for IPM. https://github.com/Qomo-CHENG/OC-IPM (2020)

  13. Common Criteria Development Board: Application of attack potential to smartcards. Mandatory technical document, Version 2.9, Revision 2, CCDB-2013-05-002, May 2013. http://www.commoncriteriaportal.org/files/supdocs/CCDB-2013-05-002.pdf

  14. Mangard, S., Oswald, E., Popp, T.: Power analysis attacks: Revealing the secrets of smart cards. Springer. ISBN 0-387-30857-1, http://www.dpabook.org/ (2006)

  15. Moradi, A., Standaert, F.-X.: Moments-Correlating DPA. In: Bilgin, B., Nikova, S., Rijmen, V. (eds.) Proceedings of the ACM workshop on theory of implementation security, TIS@CCS 2016 Vienna, Austria, October, 2016, pp. 5–15. ACM (2016)

  16. Poussier, R., Guo, Q., Standaert, F.-X., Carlet, C., Guilley, S.: Connecting and improving direct sum masking and inner product masking. In: Eisenbarth, T., Teglia, Y. (eds.) Smart Card Research and Advanced Applications - 16th International Conference, CARDIS 2017, Lugano, Switzerland, November 13–15, 2017, Revised Selected Papers, volume 10728 of Lecture Notes in Computer Science (2017)

  17. Standaert, F.-X., Malkin, T., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: EUROCRYPT volume 5479 of LNCS, Cologne, Germany, pp. 443–461. Springer (2009)

  18. University of Sydney (Australia): Magma computational algebra system. http://magma.maths.usyd.edu.au/magma/, accessed on 2014-08-22

  19. Wang, W., Méaux, P., Standaert, F.-X.: Efficient and private computations with code-based masking. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(2), 128–171 (2020)

  20. Wang, W., Standaert, F.-X., Yu, Y., Pu, S., Liu, J., Guo, Z., Gu, D.: Inner product masking for bitslice ciphers and security order amplification for linear leakages. In: Lemke-Rust, K., Tunstall, M. (eds.) Smart Card Research and Advanced Applications - 15th International Conference, CARDIS 2016, Cannes, France, November 7–9, 2016, Revised Selected Papers, volume 10146 of Lecture Notes in Computer Science, pp. 174–191 (2016)

Acknowledgements

This work has been partly financed via the project TeamPlay (https://teamplay-h2020.eu/), a project from the European Union's Horizon 2020 research and innovation programme, under grant agreement No. 779882, and also supported by the SECODE project (https://secode.telecom-paristech.fr/) under grant No. ANR-15-CHR2-0007, funded by the CHIST-ERA programme and coordinated by ANR.

Author information

Correspondence to Wei Cheng.

Appendix: Generating matrices for the best IPM codes identified on \({\mathbb {F}}_{256}\) by Alg. 1

This appendix gives the three non-equivalent optimal codes identified by Alg. 1 and reported in the last line of Table 1. Each expanded generator matrix has the systematic form \(\left( \mathbf{I}_{8} \mid \mathbf{M} \right)\): for the code spanned by \(\begin {pmatrix} 1 & \alpha ^{e} \end {pmatrix}\), row i of \(\mathbf{M}\) (i = 0, …, 7) is the binary expansion of \(\alpha^{i+e}\) in the polynomial basis, so the right-hand block is the matrix of multiplication by \(\alpha^{e}\).

Extension of the first optimal code from \({\mathbb {F}}_{256}\) to \({\mathbb {F}}_{2}\)

The generator matrix of the code spanned by \(\begin {pmatrix} 1 & \alpha ^{8} \end {pmatrix}\) over \({\mathbb {F}}_{256}\), expanded to the base field \({\mathbb {F}}_{2}\), is:

$$ \mathbf{H}^{\perp}_{1}= \left( \begin{array}{lllllllllllllllll} 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & & 1 & 0 & 1 & 1 & 1 & 0 & 0 & 0 \\ 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & & 0 & 1 & 0 & 1 & 1 & 1 & 0 & 0 \\ 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & & 0 & 0 & 1 & 0 & 1 & 1 & 1 & 0 \\ 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & & 0 & 0 & 0 & 1 & 0 & 1 & 1 & 1 \\ 0 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & & 1 & 0 & 1 & 1 & 0 & 0 & 1 & 1 \\ 0 & 0 & 0 & 0 & 0 & 1 & 0 & 0 & & 1 & 1 & 1 & 0 & 0 & 0 & 0 & 1 \\ 0 & 0 & 0 & 0 & 0 & 0 & 1 & 0 & & 1 & 1 & 0 & 0 & 1 & 0 & 0 & 0 \\ 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & & 0 & 1 & 1 & 0 & 0 & 1 & 0 & 0 \end{array}\right) \in{\mathbb{F}}_{2}^{8\times 16}. $$

Extension of the second optimal code from \({\mathbb {F}}_{256}\) to \({\mathbb {F}}_{2}\)

The generator matrix of the code spanned by \(\begin {pmatrix} 1 & \alpha ^{126} \end {pmatrix}\) over \({\mathbb {F}}_{256}\), expanded to the base field \({\mathbb {F}}_{2}\), is:

$$ \mathbf{H}^{\perp}_{2}= \left( \begin{array}{lllllllllllllllll} 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & & 0 & 1 & 1 & 0 & 0 & 1 & 1 & 0 \\ 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & & 0 & 0 & 1 & 1 & 0 & 0 & 1 & 1 \\ 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & & 1 & 0 & 1 & 0 & 0 & 0 & 0 & 1 \\ 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & & 1 & 1 & 1 & 0 & 1 & 0 & 0 & 0 \\ 0 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & & 0 & 1 & 1 & 1 & 0 & 1 & 0 & 0 \\ 0 & 0 & 0 & 0 & 0 & 1 & 0 & 0 & & 0 & 0 & 1 & 1 & 1 & 0 & 1 & 0 \\ 0 & 0 & 0 & 0 & 0 & 0 & 1 & 0 & & 0 & 0 & 0 & 1 & 1 & 1 & 0 & 1 \\ 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & & 1 & 0 & 1 & 1 & 0 & 1 & 1 & 0 \end{array}\right) \in{\mathbb{F}}_{2}^{8\times 16}. $$

Extension of the third optimal code from \({\mathbb {F}}_{256}\) to \({\mathbb {F}}_{2}\)

The generator matrix of the code spanned by \(\begin {pmatrix} 1 & \alpha ^{127} \end {pmatrix}\) over \({\mathbb {F}}_{256}\), expanded to the base field \({\mathbb {F}}_{2}\), is:

$$ \mathbf{H}^{\perp}_{3}= \left( \begin{array}{lllllllllllllllll} 1 & 0 & 0 & 0 & 0 & 0 & 0 & 0 & & 0 & 0 & 1 & 1 & 0 & 0 & 1 & 1 \\ 0 & 1 & 0 & 0 & 0 & 0 & 0 & 0 & & 1 & 0 & 1 & 0 & 0 & 0 & 0 & 1 \\ 0 & 0 & 1 & 0 & 0 & 0 & 0 & 0 & & 1 & 1 & 1 & 0 & 1 & 0 & 0 & 0 \\ 0 & 0 & 0 & 1 & 0 & 0 & 0 & 0 & & 0 & 1 & 1 & 1 & 0 & 1 & 0 & 0 \\ 0 & 0 & 0 & 0 & 1 & 0 & 0 & 0 & & 0 & 0 & 1 & 1 & 1 & 0 & 1 & 0 \\ 0 & 0 & 0 & 0 & 0 & 1 & 0 & 0 & & 0 & 0 & 0 & 1 & 1 & 1 & 0 & 1 \\ 0 & 0 & 0 & 0 & 0 & 0 & 1 & 0 & & 1 & 0 & 1 & 1 & 0 & 1 & 1 & 0 \\ 0 & 0 & 0 & 0 & 0 & 0 & 0 & 1 & & 0 & 1 & 0 & 1 & 1 & 0 & 1 & 1 \end{array}\right) \in{\mathbb{F}}_{2}^{8\times 16}. $$
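As an added, runnable check that is not part of the paper, the following Python script rebuilds the expanded generator matrices above from the field arithmetic and measures the minimum distance of each resulting [16, 8] binary code. It assumes that \({\mathbb {F}}_{256}\) is constructed with the irreducible polynomial \(x^{8}+x^{4}+x^{3}+x^{2}+1\) (0x11D) and that \(\alpha\) is the class of x. That polynomial is not written on this page; it is the choice that reproduces the printed rows (for instance, row 1 of \(\mathbf{H}^{\perp}_{1}\) is \(\alpha^{8} = x^{4}+x^{3}+x^{2}+1\)). The function names gf_mul, expanded_generator and code_distance are the script's own.

```python
# Added example, not code from the paper or its authors.
# Assumption: GF(2^8) is built on x^8 + x^4 + x^3 + x^2 + 1 (0x11D) with
# alpha = x, the only choice consistent with the matrices in the appendix.

POLY = 0x11D          # assumed field polynomial (bit i = coefficient of x^i)
ALPHA = 0x02          # the element x


def gf_mul(a, b, poly=POLY):
    """Multiply two GF(2^8) elements by shift-and-add with reduction."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x100:
            a ^= poly
    return r


def gf_pow(a, e):
    """a^e by repeated multiplication (e < 255, so this stays cheap)."""
    r = 1
    for _ in range(e):
        r = gf_mul(r, a)
    return r


def bits(v, n=8):
    """Little-endian bit list: position i holds the coefficient of x^i,
    which is the column order used in the appendix matrices."""
    return [(v >> i) & 1 for i in range(n)]


def expanded_generator(e):
    """Binary 8x16 generator matrix of the F_2-expansion of span{(1, alpha^e)}.

    Row i is the expansion of (alpha^i, alpha^i * alpha^e): an identity
    block on the left and the multiplication-by-alpha^e matrix on the right
    (the blank column printed in the appendix is only visual spacing)."""
    mult = gf_pow(ALPHA, e)
    return [bits(1 << i) + bits(gf_mul(1 << i, mult)) for i in range(8)]


def code_distance(e):
    """Minimum Hamming weight over the 255 nonzero codewords (x, x*alpha^e)
    and the number of codewords attaining it."""
    mult = gf_pow(ALPHA, e)
    weights = [bin(x).count("1") + bin(gf_mul(x, mult)).count("1")
               for x in range(1, 256)]
    d = min(weights)
    return d, weights.count(d)


def format_matrix(rows):
    """Print a matrix in the (I_8 | M) layout of the appendix."""
    return "\n".join(" ".join(map(str, r[:8])) + "   " + " ".join(map(str, r[8:]))
                     for r in rows)


if __name__ == "__main__":
    for e in (8, 126, 127):
        d, count = code_distance(e)
        print(f"L = (1, alpha^{e}): d = {d}, {count} codewords of weight {d}")
        print(format_matrix(expanded_generator(e)))
        print()
```

For all three exponents the script finds d = 4, which matches the 3rd-order bit-level security claimed in the abstract under the usual reading in the code-based masking literature that the bit-level security order is d - 1 (that relation is not restated on this page). The second value returned by code_distance, the number of minimum-weight codewords, is what separates codes that share the same d.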

Cite this article

Cheng, W., Guilley, S. & Danger, JL. Categorizing all linear codes of IPM over \({\mathbb {F}}_{2^{8}}\). Cryptogr. Commun. 13, 527–542 (2021). https://doi.org/10.1007/s12095-021-00483-1
