Masks will Fall Off -- Higher-Order Optimal Distinguishers

Nicolas Bruneau and Sylvain Guilley and Annelie Heuser and Olivier Rioul

Abstract: Higher-order side-channel attacks are able to break the security of cryptographic implementations even if they are protected with masking countermeasures.

In this paper, we derive the best possible distinguishers (High-Order Optimal Distinguishers or HOOD) against masking schemes under the assumption that the attacker can profile. Our exact derivation admits simple approximate expressions for high and low noise and shows to which extent the optimal distinguishers reduce to known attacks in the case where no profiling is possible. From these results, we can explain theoretically the empirical outcome of recent works on second-order distinguishers. In addition, we extend our analysis to any order and to the application to masked tables precomputation. Our results give some insight on which distinguishers have to be considered in the security analysis of cryptographic devices.

Original Publication (with minor differences): IACR-ASIACRYPT-2014

Date: received 12 May 2015

