Skip to main content
SpringerLink
Log in

Polynomial direct sum masking to protect against both SCA and FIA

  • Regular Paper
  • Published:
Journal of Cryptographic Engineering Aims and scope Submit manuscript

Abstract

Side-channel attacks (SCAs) and fault injection attacks (FIAs) allow an opponent to have partial access to the internal behavior of the hardware. Since the end of the 1990s, many works have shown that this type of attacks constitutes a serious threat to cryptosystems implemented in embedded devices. In the state of the art, there exist several countermeasures to protect symmetric encryption (especially AES-128). Most of them protect only against one of these two attacks (SCA or FIA). A method called ODSM has been proposed to withstand SCA and FIA, but its implementation in the whole algorithm is a big open problem when no particular hardware protection is possible. In the present paper, we propose a practical masking scheme specifying ODSM which makes it possible to protect the symmetric encryption against these two attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Anderson, R.J., Kuhn, M.G.: Low cost attacks on tamper resistant devices. In: 5th International Workshop on Security Protocols, Paris, France, April 7–9, 1997, Proceedings, pp. 125–136 (1997)

  2. Azzi, S., Barras, B., Christofi, M., Vigilant, D.: Using linear codes as a fault countermeasure for nonlinear operations: application to AES and formal verification. J. Cryptogr. Eng. 7(1), 75–85 (2017)

    Article  Google Scholar 

  3. Balasch, J., Faust, S., Gierlichs, B.: Inner product masking revisited. In: Advances in Cryptology—EUROCRYPT 2015—34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26–30, 2015, Proceedings, Part I

  4. Barenghi, A., Breveglieri, L., Koren, I., Naccache, D.: Fault injection attacks on cryptographic devices: theory, practice, and countermeasures. Proc. IEEE 100(11), 3056–3076 (2012)

    Article  Google Scholar 

  5. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2–4, 1988, Chicago, Illinois, USA, pp. 1–10 (1988)

  6. Blömer, J., Guajardo, J., Krummel, V.: Provably secure masking of AES. In: 11th International Workshop on Selected Areas in Cryptography, SAC, Waterloo, Canada, August 9–10, Revised Selected Papers 2004, pp. 69–83 (2004)

  7. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of eliminating errors in cryptographic computations. J. Cryptol. 14(2), 101–119 (2001)

    Article  MathSciNet  MATH  Google Scholar 

  8. Bringer, J., Carlet, C., Chabanne, H., Guilley, S., Maghrebi, H.: Orthogonal direct sum masking—a smartcard friendly computation paradigm in a code, with builtin protection against side-channel and fault attacks. In: Information Security Theory and Practice. Securing the Internet of Things—8th IFIP WG 11.2 International Workshop, WISTP 2014, Heraklion, Crete, Greece, June 30–July 2, 2014. Proceedings , pp. 40–56 (2014)

  9. Bringer, J., Chabanne, H., Le, T.: Protecting AES against side-channel analysis using wire-tap codes. J. Cryptogr. Eng. 2(2), 129–141 (2012)

    Article  Google Scholar 

  10. Bruneau, N., Guilley, S., Heuser, A., Rioul, O., Standaert, F., Teglia, Y.: Taylor expansion of maximum likelihood attacks for masked and shuffled implementations. In: Advances in Cryptology—ASIACRYPT 2016—22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4–8, 2016, Proceedings, Part I, pp. 573–601 (2016)

  11. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Advances in Cryptology—CRYPTO’99, 19th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15–19, 1999, Proceedings, pp. 398–412 (1999)

  12. Daemen, J., Rijmen, V.: Aes proposal: Rijndael (1999)

  13. Goubin, L., Martinelli, A.: Protecting AES with Shamir’s secret sharing scheme. In: Cryptographic Hardware and Embedded Systems—CHES 2011—13th International Workshop, Nara, Japan, September 28–October 1, 2011. Proceedings, pp. 79–94 (2011)

  14. Goubin, L., Patarin, J.: DES and differential power analysis (the “duplication” method). In: Cryptographic Hardware and Embedded Systems, First International Workshop, CHES’99, Worcester, MA, USA, August 12–13, 1999, Proceedings, pp. 158–172 (1999)

  15. Guilley, S., Heuser, A., Rioul, O. Codes for side-channel attacks and protections. In: Codes, Cryptology and Information Security—Second International Conference, C2SI: Rabat, Morocco, April 10–12, 2017. Proceedings—In Honor of Claude Carlet 2017, pp. 35–55 (2017)

  16. Ishai, Y., Sahai, A., Wagner, D.A.: Private circuits: securing hardware against probing attacks. In: Advances in Cryptology—CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, August 17–21, 2003, Proceedings, pp. 463–481 (2003)

  17. Massey, J.L.: Linear codes with complementary duals. Discrete Math. 106–107, 337–342 (1992)

    Article  MathSciNet  MATH  Google Scholar 

  18. Poussier, R., Guo, Q., Standaert, F., Carlet, C., Guilley, S.: Connecting and improving direct sum masking and inner product masking. In: Smart Card Research and Advanced Applications—16th International Conference, CARDIS 2017, Lugano, Switzerland, November 13–15, 2017, Revised Selected Papers, pp. 123–141 (2017)

  19. Prouff, E., Roche, T.: Higher-order glitches free implementation of the AES using secure multi-party computation protocols. In: Cryptographic Hardware and Embedded Systems—CHES 2011—13th International Workshop, Nara, Japan, September 28–October 1, 2011. Proceedings, pp. 63–78 (2011)

  20. Rijmen, V., Daemen, J.: Advanced encryption standard. In: Proceedings of Federal Information Processing Standards Publications, National Institute of Standards and Technology, pp. 19–22 (2001)

  21. Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop, Santa Barbara, CA, USA, August 17–20, 2010. Proceedings (2010)

  22. Rivain, M., Prouff, E., Doget, J.: Higher-order masking and shuffling for software implementations of block ciphers. In: Cryptographic Hardware and Embedded Systems—CHES 2009, 11th International Workshop, Lausanne, Switzerland, September 6–9, 2009, Proceedings, pp. 171–188 (2009)

  23. Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LAGA, Department of Mathematics, University of Paris 8, Saint–Denis cedex 02, France

    Claude Carlet & Abderrahman Daif

  2. University of Bergen, Bergen, Norway

    Claude Carlet

  3. BU connect, Assystem E&OS, 23 Place de Wicklow, 78180, Montigny-le-Bretonneux, France

    Abderrahman Daif & Cédric Tavernier

  4. TELECOM-ParisTech, Crypto Group, Paris Cedex 13, France

    Sylvain Guilley

  5. Secure-IC S.A.S., Rennes, France

    Sylvain Guilley

  6. École Normale Supérieure, 45 Rue d’Ulm, 75005, Paris, France

    Sylvain Guilley

Authors
  1. Claude Carlet
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Abderrahman Daif
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sylvain Guilley
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Cédric Tavernier
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Abderrahman Daif.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Carlet, C., Daif, A., Guilley, S. et al. Polynomial direct sum masking to protect against both SCA and FIA. J Cryptogr Eng 9, 303–312 (2019). https://doi.org/10.1007/s13389-018-0194-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13389-018-0194-9

Keywords

Search

Navigation