Paper 2018/505

Improved Parallel Mask Refreshing Algorithms: Generic Solutions with Parametrized Non-Interference & Automated Optimizations

Gilles Barthe, Sonia Belaïd, François Dupressoir, Pierre-Alain Fouque, Benjamin Grégoire, François-Xavier Standaert, and Pierre-Yves Strub

Abstract

Refreshing algorithms are a critical ingredient for secure masking. They are instrumental in enabling sound composability properties for complex circuits, and their randomness requirements dominate the performance overheads in (very) high-order masking. In this paper, we improve a proposal of mask refreshing algorithms from EUROCRYPT 2017, that has excellent implementation properties in software and hardware, in two main directions. First, we provide a generic proof that this algorithm is secure at arbitrary orders -- a problem that was left open so far. We introduce Parametrized Non-Interference as a new technical ingredient for this purpose, that may be of independent interest. Second, we use automated tools to further explore the design space of such algorithms and provide the best known parallel mask refreshing gadgets for concretely relevant security orders. Incidentally, we also prove the security of a recent proposal of mask refreshing with improved resistance against horizontal attacks from CHES 2017.

Note: Correcting errors in Table 3 (algorithms marked as insecure are in fact secure) and propagating consequences to Table 4.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
Side-channel attacks, masking countermeasure, refreshing algorithms, composability
Contact author(s)
sonia belaid @ cryptoexperts com
History
2018-05-30: revised
2018-05-26: received
Short URL
https://ia.cr/2018/505
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/505,
      author = {Gilles Barthe and Sonia Belaïd and François Dupressoir and Pierre-Alain Fouque and Benjamin Grégoire and François-Xavier Standaert and Pierre-Yves Strub},
      title = {Improved Parallel Mask Refreshing Algorithms: Generic Solutions with Parametrized Non-Interference \& Automated Optimizations},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/505},
      year = {2018},
      url = {https://eprint.iacr.org/2018/505}
}