Paper 2018/505

Improved Parallel Mask Refreshing Algorithms: Generic Solutions with Parametrized Non-Interference \& Automated Optimizations

Gilles Barthe, Sonia Belaïd, François Dupressoir, Pierre-Alain Fouque, Benjamin Grégoire, François-Xavier Standaert, and Pierre-Yves Strub


Refreshing algorithms are a critical ingredient for secure masking. They are instrumental in enabling sound composability properties for complex circuits, and their randomness requirements dominate the performance overheads in (very) high-order masking. In this paper, we improve a proposal of mask refreshing algorithms from EUROCRYPT 2017, that has excellent implementation properties in software and hardware, in two main directions. First, we provide a generic proof that this algorithm is secure at arbitrary orders -- a problem that was left open so far. We introduce Parametrized Non-Interference as a new technical ingredient for this purpose, that may be of independent interest. Second, we use automated tools to further explore the design space of such algorithms and provide the best known parallel mask refreshing gadgets for concretely relevant security orders. Incidentally, we also prove the security of a recent proposal of mask refreshing with improved resistance against horizontal attacks from CHES 2017.

Note: Correcting errors in Table 3 (algorithms marked as insecure are in fact secure) and propagating consequences to Table 4.

Available format(s)
Publication info
Preprint. MINOR revision.
Side-channel attacksmasking countermeasurerefreshing algorithmscomposability
Contact author(s)
sonia belaid @ cryptoexperts com
2018-05-30: revised
2018-05-26: received
See all versions
Short URL
Creative Commons Attribution


      author = {Gilles Barthe and Sonia Belaïd and François Dupressoir and Pierre-Alain Fouque and Benjamin Grégoire and François-Xavier Standaert and Pierre-Yves Strub},
      title = {Improved Parallel Mask Refreshing Algorithms: Generic Solutions with Parametrized Non-Interference \& Automated Optimizations},
      howpublished = {Cryptology ePrint Archive, Paper 2018/505},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.