Abstract
Countermeasures against side-channel attacks are in general expensive, and a lot of research has been devoted to optimizing their security versus performance trade-off. Besides, a wide literature has also shown that implementing such countermeasures is an error-prone task that requires dealing with various engineering challenges (e.g., physical defaults, compositional errors, ...). This work aims to contribute to this second item, by evaluating the extent to which (almost) key-homomorphic primitives, and in particular a recent PRF instance based on the learning with rounding problem, can lead to easy-to-implement and easier-to-evaluate side-channel-secure designs. We confirm these properties by describing an FPGA implementation that does not require complex (compositional) reasoning in its analysis, that can be masked securely under simple design conditions, and for which the evaluation directly scales to an arbitrary number of shares. We provide a comprehensive performance and (worst-case) security analysis of our design and compare the obtained results with those of an AES implementation protected with the domain-oriented masking scheme. Results show that simplicity has a cost, which becomes less prohibitive as security requirements increase.
Notes
While other masking-friendly block ciphers could have been investigated, this open-source AES implementation is representative of the state-of-the-art protected designs. This allows us to draw qualitative trade-offs between the LWR-rekeying scheme and a standard substitution permutation network.
Securing \({\mathsf {corrSk}} (\cdot )\) which is executed by the decryption party can be done with similar means, by increasing the amount of correction information by one bit.
All the resource utilization results reported are obtained with Xilinx ISE 14.7.
These have a limited impact on the metric for large d. Indeed, they grow linearly with d, while the rest of the circuit is quadratic.
In the following evaluations, it is implemented with two unprotected AES cores delivering 128 bits of randomness every 55 cycles.
The case of an adversary targeting the value directly, rather than a transition, has also been studied. In that case, the available information is much lower. Since we aim at worst-case evaluations, only the results of transition-based attacks are reported.
This (again) calls for a better understanding of the exact requirements for the randomness used in masking schemes.
Acknowledgements
François-Xavier Standaert is a Senior Research Associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). This work has been funded in part by the European Union (EU) through the ERC project 724725 (acronym SWORD).
Tobias Schneider: The majority of the author’s contribution was performed while he was with ICTEAM Institute, UCLouvain, Louvain-la-Neuve, Belgium.
Appendices
A Leakage model
A linear basis was used as the leakage model. Each curve corresponds to a single \(\alpha _i\) and shows the activity of one bit across time.
B Cost of security
C Parallelism parameter
Cite this article
Bronchain, O., Schneider, T. & Standaert, FX. Reducing risks through simplicity: high side-channel security for lazy engineers. J Cryptogr Eng 11, 39–55 (2021). https://doi.org/10.1007/s13389-020-00241-8