Paper 2013/700

Higher Order Masking of Look-up Tables

Jean-Sebastien Coron

Abstract

We describe a new algorithm for masking look-up tables of block-ciphers at any order, as a countermeasure against side-channel attacks. Our technique is a generalization of the classical randomized table countermeasure against first-order attacks. We prove the security of our new algorithm against t-th order attacks in the usual Ishai-Sahai-Wagner model from Crypto 2003; we also improve the bound on the number of shares from n>=4t+1 to n>= 2t+1 for an adversary who can adaptively move its probes between successive executions. Our algorithm has the same time complexity O(n^2) as the Rivain-Prouff algorithm for AES, and its extension by Carlet et al. to any look-up table. In practice for AES our algorithm is less efficient than Rivain-Prouff, which can take advantage of the special algebraic structure of the AES Sbox; however for DES our algorithm performs slightly better.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
A major revision of an IACR publication in EUROCRYPT 2014
Contact author(s)
jean-sebastien coron @ uni lu
History
2014-02-05: revised
2013-10-28: received
See all versions
Short URL
https://ia.cr/2013/700
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/700,
      author = {Jean-Sebastien Coron},
      title = {Higher Order Masking of Look-up Tables},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/700},
      year = {2013},
      url = {https://eprint.iacr.org/2013/700}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.