Cryptology ePrint Archive: Report 2016/931

Feeding Two Cats with One Bowl: On Designing a Fault and Side-Channel Resistant Software Encoding Scheme (Extended Version)

Jakub Breier and Xiaolu Hou

Abstract: When it comes to side-channel countermeasures, software encoding schemes are becoming popular and provide a good level of security for general-purpose microcontrollers. However, these schemes are not designed to be fault resistant, and this property is discussed very rarely. Therefore, implementers have to pile up two different countermeasures in order to protect the algorithm against these two popular classes of attacks.

In our paper, we discuss the fault resistance properties of encoding schemes in general. We define theoretical bounds that clearly show the possibilities and limitations of encoding-based countermeasures, together with trade-offs between side-channel and fault resistance. Moreover, we simulate several codes with respect to most popular fault models, using a general-purpose microcontroller assembly implementation. Our algorithm shows how to implement fault resistance to an encoding scheme that currently has the best side-channel resistant capabilities. As a result, we are able to design a code by using automated methods, that can provide the optimal trade-off between side-channel and fault resistance.

Category / Keywords: implementation / software encoding schemes, side-channel attacks, fault attacks, countermeasures

Original Publication (with minor differences): Accepted to CT-RSA 2017

Date: received 26 Sep 2016, last revised 9 Mar 2017

Contact author: jbreier at ntu edu sg

Available format(s): PDF | BibTeX Citation

Version: 20170309:085540 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]