Cryptology ePrint Archive: Report 2018/531

Polynomial direct sum masking to protect against both SCA and FIA

Claude Carlet and Abderrahman Daif and Sylvain Guilley and CÚdric Tavernier

Abstract: Side Channel Attacks (SCA) and Fault Injection Attacks (FIA) allow an opponent to have partial access to the internal behavior of the hardware. Since the end of the nineties, many works have shown that this type of attacks constitute a serious threat to cryptosystems implemented in embedded devices. In the state of the art, there exist several countermeasures to protect symmetric encryption (especially AES-128). Most of them protect only against one of these two attacks (SCA or FIA). A method called ODSM has been proposed to withstand SCA and FIA , but its implementation in the whole algorithm is a big open problem when no particular hardware protection is possible. In the present paper, we propose a practical masking scheme specifying ODSM which makes it possible to protect the symmetric encryption against these two attacks.

Category / Keywords: implementation / Masking countermeasure, Error correcting codes, Side channel attack, Fault injection attack, AES.

Date: received 30 May 2018

Contact author: daif abde at yahoo fr

Available format(s): PDF | BibTeX Citation

Version: 20180604:212346 (All versions of this report)

Short URL: ia.cr/2018/531


[ Cryptology ePrint archive ]