
Paper 2010/523

Affine Masking against Higher-Order Side Channel Analysis

Guillaume Fumaroli, Ange Martinelli, Emmanuel Prouff, and Matthieu Rivain

Abstract

In the last decade, the research community has made an effort to find efficient ways to thwart side channel analysis (SCA) against physical implementations of cryptographic algorithms. A common countermeasure for implementations of block ciphers is Boolean masking, which randomizes the variables to be protected by bitwise addition (XOR) of one or several random values. However, advanced techniques called higher-order SCA attacks exist that overcome such a countermeasure, and these attacks are greatly favored by the very nature of Boolean masking. In this paper, we revisit the affine masking initially introduced by Von Willich in 2001 as an alternative to Boolean masking. We show how to apply it to AES at the cost of a small timing overhead compared to Boolean masking. We then conduct an in-depth analysis pinpointing the leakage reduction implied by affine masking. Our results clearly show that the proposed scheme provides an excellent performance-security trade-off to protect AES against higher-order SCA.
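The two masking schemes the abstract contrasts, as an added example that is not code from the paper: Boolean masking hides a byte x as x ⊕ m, while affine masking (in the von Willich style the paper revisits) hides it as r1·x ⊕ r0 in GF(2^8), with a non-zero multiplicative mask r1 and an additive mask r0. The field arithmetic uses the AES reduction polynomial x^8 + x^4 + x^3 + x + 1; all helper names are this example's own, and the specific mask values are constructed for illustration.

```python
"""Boolean vs affine masking of a single AES state byte (added example,
not the paper's code). Field: GF(2^8) with the AES polynomial 0x11B."""
import secrets

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1


def gf_mul(a, b):
    """Multiply two bytes in GF(2^8), reducing with the AES polynomial."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return result & 0xFF


def gf_inv(a):
    """Multiplicative inverse in GF(2^8) as a^254 (a^255 = 1 for a != 0)."""
    if a == 0:
        raise ValueError("0 has no multiplicative inverse")
    result, base, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result


def boolean_mask(x, m):
    """Boolean masking: the two shares are x ^ m and m."""
    return x ^ m


def boolean_unmask(xm, m):
    """Recombine Boolean shares; XOR of the shares gives x directly."""
    return xm ^ m


def affine_mask(x, r1, r0):
    """Affine masking: r1 * x + r0 in GF(2^8); r1 must be non-zero so the
    map is invertible."""
    if r1 == 0:
        raise ValueError("multiplicative mask must be non-zero")
    return gf_mul(r1, x) ^ r0


def affine_unmask(y, r1, r0):
    """Invert the affine map: x = r1^-1 * (y + r0)."""
    return gf_mul(gf_inv(r1), y ^ r0)


def masked_xor(ya, yb, r0):
    """XOR (the AES AddRoundKey operation) on two values affinely masked
    with the same (r1, r0): (r1*a+r0) ^ (r1*b+r0) = r1*(a^b), so r0 is
    re-added to keep the result in affine-masked form."""
    return ya ^ yb ^ r0


def random_affine_masks():
    """Draw a uniform non-zero r1 in 1..255 and a uniform r0 in 0..255."""
    return secrets.randbelow(255) + 1, secrets.randbelow(256)


def roundtrip_ok(x, r1, r0):
    """Mask, perform a masked XOR with a constructed round-key byte, unmask,
    and check the result equals the plain computation."""
    key_byte = 0x3C  # constructed round-key byte for the check
    y = affine_mask(x, r1, r0)
    yk = affine_mask(key_byte, r1, r0)
    z = masked_xor(y, yk, r0)
    return affine_unmask(z, r1, r0) == (x ^ key_byte)


if __name__ == "__main__":
    r1, r0 = random_affine_masks()
    print("roundtrip:", roundtrip_ok(0xAB, r1, r0))
```

The masked XOR shows why the scheme fits AES at low cost: the additive layers stay a handful of XORs, while the multiplicative mask r1 is what removes the simple "XOR the shares" recombination that Boolean masking exposes to higher-order attacks. Non-linear layers such as SubBytes need the table recomputation the paper describes and are not covered here.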

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Full version of the paper published in the proceedings of SAC 2010.
Keywords
Side Channel Analysis (SCA), Masking Countermeasure, Higher-Order SCA, AES
Contact author(s)
matthieu rivain @ gmail com
History
2010-10-12: received
Short URL
https://ia.cr/2010/523
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/523,
      author = {Guillaume Fumaroli and Ange Martinelli and Emmanuel Prouff and Matthieu Rivain},
      title = {Affine Masking against Higher-Order Side Channel Analysis},
      howpublished = {Cryptology ePrint Archive, Paper 2010/523},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/523}},
      url = {https://eprint.iacr.org/2010/523}
}