Paper 2018/693

Efficient Side-Channel Protections of ARX Ciphers

Bernhard Jungk, Richard Petri, and Marc Stöttinger

Abstract

The current state of the art of Boolean masking for the modular addition operation in software has a very high performance overhead. Firstly, the instruction count is very high compared to a normal addition operation. Secondly, until recently, the entropy consumed by such protections was also quite high. Our paper significantly improves both aspects, by applying the Threshold Implementation (TI) methodology with two shares and by reusing internal values as randomness source in such a way that the uniformity is always preserved. Our approach performs considerably faster compared to the previously known masked addition and subtraction algorithms by Coron et al. and Biryukov et al. improving the state of the art by 36%, if we only consider the number of ARM assembly instructions. Furthermore, similar to the masked adder from Biryukov et al. we reduce the amount of randomness and only require one bit additional entroy per addition, which is a good trade-off for the improved performance. We applied our improved masked adder to ChaCha20, for which we provide two new first-order protected implementations and achieve a 36% improvement over the best published result for ChaCha20 using an ARM Cortex-M4 microprocessor.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in TCHES 2018
Keywords
Modular AdditionMaskingSide-channel AnalysisChaCha20
Contact author(s)
bernhard @ projectstarfire de
History
2018-07-19: received
Short URL
https://ia.cr/2018/693
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/693,
      author = {Bernhard Jungk and Richard Petri and Marc Stöttinger},
      title = {Efficient Side-Channel Protections of ARX Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2018/693},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/693}},
      url = {https://eprint.iacr.org/2018/693}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.