ABSTRACT
In this note we study non-completeness, the key property of Threshold Implementations (TIs). TIs have proved to be a popular method for mitigating side-channel leakage of sensitive information in hardware implementations of cryptographic algorithms.
In particular, we provide a reformulation of non-completeness in terms of set coverings with constraints, and describe a strategy for constructing small such coverings for given parameters.
Our results enable second-order secure hardware implementation of algorithms with cubic functions as components, such as AES and inversion in GF(2^4), without the need for further decompositions.