Cryptology ePrint Archive: Report 2013/700
Higher Order Masking of Look-up Tables
Abstract: We describe a new algorithm for masking look-up tables of block-ciphers at any order, as a countermeasure against side-channel attacks. Our technique is a generalization of the classical randomized table countermeasure against first-order attacks. We prove the security of our new algorithm against t-th order attacks in the usual Ishai-Sahai-Wagner model from Crypto 2003; we also improve the bound on the number of shares from n>=4t+1 to n>= 2t+1 for an adversary who can adaptively move its probes between successive executions.
Our algorithm has the same time complexity O(n^2) as the Rivain-Prouff algorithm for AES, and its extension by Carlet et al. to any look-up table. In practice for AES our algorithm is less efficient than Rivain-Prouff, which can take advantage of the special algebraic structure
of the AES Sbox; however for DES our algorithm performs slightly better.
Category / Keywords: implementation /
Original Publication (with major differences): IACR-EUROCRYPT-2014
Date: received 26 Oct 2013, last revised 5 Feb 2014
Contact author: jean-sebastien coron at uni lu
Available format(s): PDF | BibTeX Citation
Version: 20140205:092212 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]