Cryptology ePrint Archive: Report 2018/562

maskVerif: automated analysis of software and hardware higher-order masked implementations

Gilles Barthe and Sonia Belaïd and Gaëtan Cassiers and Pierre-Alain Fouque and Benjamin Grégoire and François-Xavier Standaert

Abstract: Power and electromagnetic based side-channel attacks are serious threats against the security of cryptographic embedded devices. In order to mitigate these attacks, implementations use countermeasures, among which masking is currently the most investigated and deployed choice. Unfortunately, commonly studied forms of masking rely on underlying assumptions that are difficult to satisfy in practice. This is due to physical defaults, such as glitches or transitions, which can recombine the masked data in a way that concretely reduces an implementation’s security. We develop and implement an automated approach for verifying security of masked implementations in presence of physical defaults (glitches or transitions). Our approach helps to recover the main strengths of masking: rigorous foundations, composability guarantees, automated verification under more realistic assumptions. Our work follows the approach of (Barthe et al, EUROCRYPT 2015) and thus contributes to demonstrate the benefits of language-based approaches (specifically probabilistic information flow) for masking.

Category / Keywords: implementation / Side-Channel Attacks, Masking Countermeasure, Physical Defaults, Glitches, Automated verification, Composability, maskVerif

Original Publication (in the same form): ESORICS 2019

Date: received 4 Jun 2018, last revised 8 Jul 2019

Contact author: sonia belaid at cryptoexperts com

Available format(s): PDF | BibTeX Citation

Version: 20190708:164447 (All versions of this report)

Short URL: ia.cr/2018/562


[ Cryptology ePrint archive ]