Cryptology ePrint Archive: Report 2017/711

Composable Masking Schemes in the Presence of Physical Defaults and the Robust Probing Model

Sebastian Faust and Vincent Grosso and Santos Merino Del Pozo and Clara Paglialonga and François-Xavier Standaert

Abstract: Composability and robustness against physical defaults (e.g., glitches) are two highly desirable properties for secure implementations of masking schemes. While tools exist to guarantee them separately, no current formalism enables their joint investigation. In this paper, we solve this issue by introducing a new model, the robust probing model, that is naturally suited to capture the combination of these properties. We first motivate this formalism by analyzing the excellent robustness and low randomness requirements of first-order threshold implementations, and highlighting the difficulty to extend them to higher orders. Next, and most importantly, we use our theory to design higher-order secure, robust and composable multiplication gadgets. While admittedly inspired by existing approaches to masking (e.g., Ishai-Sahai-Wagner-like, threshold, domain-oriented), these gadgets exhibit subtle implementation differences with these state-of-the-art solutions (none of which being provably composable and robust). Hence, our results illustrate how sound theoretical models can guide practically-relevant implementations.

Category / Keywords: implementation / side-channel attacks, masking, probing security proofs, physical defaults, threshold implementations, composability

Date: received 20 Jul 2017

Contact author: fstandae at uclouvain be

Available format(s): PDF | BibTeX Citation

Version: 20170725:171813 (All versions of this report)

Short URL: ia.cr/2017/711

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]