Cryptology ePrint Archive: Report 2013/700

Higher Order Masking of Look-up Tables

Jean-Sebastien Coron

Abstract: We describe a new algorithm for masking look-up tables of block-ciphers at any order, as a countermeasure against side-channel attacks. Our technique is a generalization of the classical randomized table countermeasure against first-order attacks. We prove the security of our new algorithm against t-th order attacks in the usual Ishai-Sahai-Wagner model from Crypto 2003; we also improve the bound on the number of shares from n>=4t+1 to n>= 2t+1 for an adversary who can adaptively move its probes between successive executions. Our algorithm has the same time complexity O(n^2) as the Rivain-Prouff algorithm for AES, and its extension by Carlet et al. to any look-up table. In practice for AES our algorithm is less efficient than Rivain-Prouff, which can take advantage of the special algebraic structure of the AES Sbox; however for DES our algorithm performs slightly better.

Category / Keywords: implementation /

Original Publication (with major differences): IACR-EUROCRYPT-2014

Date: received 26 Oct 2013, last revised 5 Feb 2014

Contact author: jean-sebastien coron at uni lu

Available format(s): PDF | BibTeX Citation

Version: 20140205:092212 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]