Addition with Blinded Operands
نویسندگان
چکیده
The masking countermeasure is an efficient method to protect cryptographic algorithms against Differential Power Analysis (DPA) and similar attacks. For symmetric cryptosystems, two techniques are commonly used: Boolean masking and arithmetic masking. Conversion methods have been proposed for switching from Boolean masking to arithmetic masking, and conversely. The way conversion is applied depends on the combination of arithmetic and Boolean/logical operations executed by the underlying cryptographic algorithm. This paper focuses on a combination of one addition with one or more Boolean operations. Building on a secure version of a binary addition algorithm (namely, the and-xor-and-double method), we show that conversions from Boolean masking to arithmetic masking can be avoided. We present an application of the new algorithm to the XTEA block-cipher.
منابع مشابه
A Unifying Approach for Weighted and Diminished-1 Modulo Addition
In this paper, it is shown that every architecture proposed for modulo addition of operands that follow the diminished-1 representation can also be used in the design of modulo adders for operands that follow the weighted representation. This is achieved by the addition of a constant-time operator composed of a simplified carry-save adder stage. The experimental results indicate that many archi...
متن کاملThe use of the operand-recognition paradigm for the study of mental addition in older adults.
OBJECTIVES Determining how individuals solve arithmetic problems is crucial for our understanding of human cognitive architecture. Elderly adults are supposed to use memory retrieval more often than younger ones. However, they might backup their retrieval by reconstructive strategies. In order to investigate this issue, we used the operand-recognition paradigm, which capitalizes on the fact tha...
متن کاملTwo Operands of Multipliers in Side-Channel Attack
The single-shot collision attack on RSA proposed by Hanley et al. is studied focusing on the difference between two operands of multipliers. There are two consequences. Firstly, designing order of operands can be a cost-effective countermeasure. We show a concrete example in which operand order determines success and failure of the attack. Secondly, countermeasures can be ineffective if the asy...
متن کاملAttacking OpenSSL using Side-channel Attacks: the RSA case study
We show that RSA implementation present in OpenSSL can be successfully attacked using sidechannels. In OpenSSL, the modular exponentiation is implemented using m-ary method, where a table of size 2m entries is precomputed. The exponent is divided into words of m-bits each and the algorithm proceeds one word at a time using the precomputed table. Furthermore, to protect against side-channel atta...
متن کاملAlgorithm to calculate the Minkowski sums of 3-polytopes dedicated to tolerance analysis
Prompted by the development of algorithms for analysing geometric tolerancing, this article describes a method to determine the Minkowski sum for 3-dimension polytopes. This purposed method is based exclusively on intersection operations on normal cones, using the properties of the normal fan of a Minkowski sum obtained by common refinement of the normal fans of the operands. It can be used to ...
متن کامل