Affine Masking against Higher-Order Side Channel Analysis

نویسندگان

  • Guillaume Fumaroli
  • Ange Martinelli
  • Emmanuel Prouff
  • Matthieu Rivain
چکیده

In the last decade, an effort has been made by the research community to find efficient ways to thwart side channel analysis (SCA) against physical implementations of cryptographic algorithms. A common countermeasure for implementations of block ciphers is Boolean masking which randomizes by the bitwise addition of one or several random value(s) to the variables to be protected. However, advanced techniques called higher-order SCA attacks exist that overcome such a countermeasure. These attacks are greatly favored by the very nature of Boolean masking. In this paper, we revisit the affine masking initially introduced by Von Willich in 2001 as an alternative to Boolean masking. We show how to apply it to AES at the cost of a small timing overhead compared to Boolean masking. We then conduct an in-depth analysis pinpointing the leakage reduction implied by affine masking. Our results clearly show that the proposed scheme provides an excellent performance-security trade-off to protect AES against higher-order SCA.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Security analysis of higher-order Boolean masking schemes for block ciphers (with conditions of perfect masking)

Side-channel attacks are an important class of cryptanalytic techniques against cryptographic implementations and masking is a frequently considered solution to improve the resistance of a cryptographic implementation against side-channel attacks. In this paper, we consequently analyze the security of higher-order Boolean masking schemes in various contexts. Our results are twofold. First, we f...

متن کامل

Provably Secure Countermeasures against Side-channel Attacks

Side-channel attacks exploit the fact that the implementations of cryptographic algorithms leak information about the secret key. In power analysis attacks, the observable leakage is the power consumption of the device, which is dependent on the processed data and the performed operations. Masking is a widely used countermeasure to thwart the powerful Differential Power Analysis (DPA) attacks. ...

متن کامل

Towards Efficient Second-Order Power Analysis

Viable cryptosystem designs must address power analysis attacks, and masking is a commonly proposed technique for defending against these side-channel attacks. It is possible to overcome simple masking by using higher-order techniques, but apparently only at some cost in terms of generality, number of required samples from the device being attacked, and computational complexity. We make progres...

متن کامل

Higher Order Masking of the AES

The development of masking schemes to secure AES implementations against side channel attacks is a topic of ongoing research. Many different approaches focus on the AES S-box and have been discussed in the previous years. Unfortunately, to our knowledge most of these countermeasures only address firstorder DPA. In this article, we discuss the theoretical background of higher order DPA. We give ...

متن کامل

Secure and Efficient Masking of AES - A Mission Impossible?

This document discusses masking approaches with a special focus on the AES S-box. Firstly, we discuss previously presented masking schemes with respect to their security and implementation. We conclude that algorithmic countermeasures to secure the AES algorithm against side-channel attacks have not been resistant against all first-order side-channel attacks. In this article, we introduce a new...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2010  شماره 

صفحات  -

تاریخ انتشار 2010