You are looking at a specific version 20150730:094808 of this paper. See the latest version.

Paper 2015/749

Affine Equivalence and its Application to Tightening Threshold Implementations

Pascal Sasdrich and Amir Moradi and Tim Güneysu

Abstract

Motivated by the development of Side-Channel Analysis (SCA) countermeasures which can provide security up to a certain order, defeating higher-order attacks has become amongst the most challenging issues. For instance, Threshold Implementation (TI) which nicely solves the problem of glitches in masked hardware designs is able to avoid first-order leakages. Hence, its extension to higher orders aims at counteracting SCA attacks at higher orders, that might be limited to univariate scenarios. Although with respect to the number of traces as well as sensitivity to noise the higher the order, the harder it is to mount the attack, a d-order TI design is vulnerable to an attack at order d+1. In this work we look at the feasibility of higher-order attacks on first-order TI from another perspective. Instead of increasing the order of resistance by employing higher-order TIs, we go toward introducing structured randomness into the implementation. Our construction, which is a combination of masking and hiding, is dedicated to TI designs and deals with the concept of "affine equivalence" of Boolean functions. Such a combination hardens a design practically against higher-order attacks so that these attacks cannot be successfully mounted. We show that the area overhead of our construction is paid off by its ability to avoid higher-order leakages to be practically exploitable.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Selected Areas in Cryptography (SAC15)
Keywords
side-channel protectionFPGATIhigher-order
Contact author(s)
pascal sasdrich @ rub de
History
2015-07-30: received
Short URL
https://ia.cr/2015/749
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.