A Note on 'Further Improving Efficiency of Higher-Order Masking Scheme by Decreasing Randomness Complexity'

Gilles Barthe; François Dupressoir; Benjamin Grégoire

Paper 2017/1053

A Note on 'Further Improving Efficiency of Higher-Order Masking Scheme by Decreasing Randomness Complexity'

Gilles Barthe, François Dupressoir, and Benjamin Grégoire

Abstract

Zhang, Qiu and Zhou propose two optimised masked algorithms for computing functions of the form $x \mapsto x \cdot ℓ (x)$ for any linear function $ℓ$ . They claim security properties. We disprove their first claim by exhibiting a first order flaw that is present in their first proposed algorithm scheme at all orders. We put their second claim into question by showing that their proposed algorithm, as published, is not well-defined at all orders, making use of variables before defining them. We then also exhibit a counterexample at order 2, that we believe generalises to all even orders.

Metadata

Available format(s): PDF
Publication info: Preprint. MINOR revision.
Keywords: higher-order masking probing security
Contact author(s): fdupress @ gmail com
History: 2017-10-31: received
Short URL: https://ia.cr/2017/1053
License: CC BY

BibTeX

@misc{cryptoeprint:2017/1053,
      author = {Gilles Barthe and François Dupressoir and Benjamin Grégoire},
      title = {A Note on 'Further Improving Efficiency of Higher-Order Masking Scheme by Decreasing Randomness Complexity'},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/1053},
      year = {2017},
      url = {https://eprint.iacr.org/2017/1053}
}