Paper 2014/751

Higher-Order Threshold Implementations

Begül Bilgin, Benedikt Gierlichs, Svetla Nikova, Ventzislav Nikov, and Vincent Rijmen

Abstract

Higher-order differential power analysis attacks are a serious threat for cryptographic hardware implementations. In particular, glitches in the circuit make it hard to protect the implementation with masking. The existing higher-order masking countermeasures that guarantee security in the presence of glitches use multi-party computation techniques and require a lot of resources in terms of circuit area and randomness. The Threshold Implementation method is also based on multi-party computation but it is more area and randomness efficient. Moreover, it typically requires less clock-cycles since all parties can operate simultaneously. However, so far it is only provable secure against 1st-order DPA. We address this gap and extend the Threshold Implementation technique to higher orders. We define generic constructions and prove their security. To illustrate the approach, we provide 1st, 2nd and 3rd-order DPA-resistant implementations of the block cipher KATAN- 32. Our analysis of 300 million power traces measured from an FPGA implementation supports the security proofs.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in ASIACRYPT 2014
Keywords
higher-order DPAthreshold implementationsglitches
Contact author(s)
begul bilgin @ esat kuleuven be
History
2014-09-29: received
Short URL
https://ia.cr/2014/751
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/751,
      author = {Begül Bilgin and Benedikt Gierlichs and Svetla Nikova and Ventzislav Nikov and Vincent Rijmen},
      title = {Higher-Order Threshold Implementations},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/751},
      year = {2014},
      url = {https://eprint.iacr.org/2014/751}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.