Cryptology ePrint Archive: Report 2018/693

Efficient Side-Channel Protections of ARX Ciphers

Bernhard Jungk and Richard Petri and Marc Stöttinger

Abstract: The current state of the art of Boolean masking for the modular addition operation in software has a very high performance overhead. Firstly, the instruction count is very high compared to a normal addition operation. Secondly, until recently, the entropy consumed by such protections was also quite high. Our paper significantly improves both aspects, by applying the Threshold Implementation (TI) methodology with two shares and by reusing internal values as randomness source in such a way that the uniformity is always preserved. Our approach performs considerably faster compared to the previously known masked addition and subtraction algorithms by Coron et al. and Biryukov et al. improving the state of the art by 36%, if we only consider the number of ARM assembly instructions. Furthermore, similar to the masked adder from Biryukov et al. we reduce the amount of randomness and only require one bit additional entroy per addition, which is a good trade-off for the improved performance. We applied our improved masked adder to ChaCha20, for which we provide two new first-order protected implementations and achieve a 36% improvement over the best published result for ChaCha20 using an ARM Cortex-M4 microprocessor.

Category / Keywords: implementation / Modular Addition, Masking, Side-channel Analysis, ChaCha20

Original Publication (in the same form): IACR-CHES-2018

Date: received 18 Jul 2018

Contact author: bernhard at projectstarfire de

Available format(s): PDF | BibTeX Citation

Version: 20180719:135334 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]