Paper 2018/597

Consolidating Security Notions in Hardware Masking

Lauren De Meyer, Begül Bilgin, and Oscar Reparaz

Abstract

In this paper, we revisit the security conditions of masked hardware implementations. We describe a new, succinct, information-theoretic condition called d-glitch immunity which is both necessary and sufficient for security in the presence of glitches. We show that this single condition includes, but is not limited to, previous security notions such as those used in higher-order threshold implementations and in abstractions using ideal gates. As opposed to these previously known necessary conditions, our new condition is also sufficient. On the other hand, it excludes avoidable notions such as uniformity. We also treat the notion of (strong) non-interference from an information-theoretic point-of-view in order to unify the different security concepts and pave the way to the verification of composability in the presence of glitches. We conclude the paper by demonstrating how the condition can be used as an efficient and highly generic flaw detection mechanism for a variety of functions and schemes based on different operations.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in TCHES 2019
Keywords
GlitchesDPASCAVerificationTISNINon-CompletenessMutual InformationInformation-theoryd-probingGlitch Immunity
Contact author(s)
lauren demeyer @ esat kuleuven be
History
2019-04-12: last of 3 revisions
2018-06-18: received
See all versions
Short URL
https://ia.cr/2018/597
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/597,
      author = {Lauren De Meyer and Begül Bilgin and Oscar Reparaz},
      title = {Consolidating Security Notions in Hardware Masking},
      howpublished = {Cryptology ePrint Archive, Paper 2018/597},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/597}},
      url = {https://eprint.iacr.org/2018/597}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.