Paper 2017/1195

CAPA: The Spirit of Beaver against Physical Attacks

Oscar Reparaz, Lauren De Meyer, Begül Bilgin, Victor Arribas, Svetla Nikova, Ventzislav Nikov, and Nigel Smart


In this paper we introduce two things: On one hand we introduce the Tile-Probe-and-Fault model, a model generalising the wire-probe model of Ishai et al. extending it to cover both more realistic side-channel leakage scenarios on a chip and also to cover fault and combined attacks. Secondly we introduce CAPA: a combined Countermeasure Against Physical Attacks. Our countermeasure is motivated by our model, and aims to provide security against higher-order SCA, multiple-shot FA and combined attacks. The tile-probe-and-fault model leads one to naturally look (by analogy) at actively secure multi-party computation protocols. Indeed, CAPA draws much inspiration from the MPC protocol SPDZ. So as to demonstrate that the model, and the CAPA countermeasure, are not just theoretical constructions, but could also serve to build practical countermeasures, we present initial experiments of proof-of-concept designs using the CAPA methodology. Namely, a hardware implementation of the KATAN and AES block ciphers, as well as a software bitsliced AES S-box implementation. We demonstrate experimentally that the design can resist second-order DPA attacks, even when the attacker is presented with many hundreds of thousands of traces. In addition our proof-of-concept can also detect faults within our model with high probability in accordance to the methodology.

Note: Added Acknowledgements Section

Available format(s)
Publication info
Published by the IACR in CRYPTO 2018
MPCmaskingSCADFAcountermeasurethreshold implementationAESKATANleakagephysical attacksside-channelSCA
Contact author(s)
lauren demeyer @ esat kuleuven be
2018-06-11: last of 2 revisions
2017-12-18: received
See all versions
Short URL
Creative Commons Attribution


      author = {Oscar Reparaz and Lauren De Meyer and Begül Bilgin and Victor Arribas and Svetla Nikova and Ventzislav Nikov and Nigel Smart},
      title = {CAPA: The Spirit of Beaver against Physical Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2017/1195},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.