Paper 2018/825

Low Randomness Masking and Shuffling: An Evaluation Using Mutual Information

Kostas Papagiannopoulos

Abstract

Side-channel countermeasure designers often face severe performance overheads when trying to protect a device. Widely applied countermeasures such as masking and shuffling entail generating a large amount of random numbers, which can result in a computational bottleneck. To mitigate the randomness cost, this work evaluates low-randomness versions of both masking and shuffling, namely Recycled Randomness Masking (RRM) and Reduced Randomness Shuffling (RRS). These countermeasures employ memory units to store generated random numbers and reuse them in subsequent computations, making them primarily suitable for implementation on devices with sufficient memory. Both RRM and RRS are evaluated using the MI-based framework in the context of horizontal attacks. The evaluation exhibits the tradeoff between the randomness cost and the noisy leakage security level offered by the countermeasures, enabling the designer to fine-tune a masking or shuffling scheme and maximize the security level achieved for a certain cost.

Note: Typo fixes

Metadata
Available format(s)
PDF
Publication info
A minor revision of an IACR publication in TCHES 2018
Keywords
masking, shuffling, RNG
Contact author(s)
kostaspap88 @ gmail com
History
2018-09-14: revised
2018-09-06: received
Short URL
https://ia.cr/2018/825
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/825,
      author = {Kostas Papagiannopoulos},
      title = {Low Randomness Masking and Shuffling: An Evaluation Using Mutual Information},
      howpublished = {Cryptology ePrint Archive, Paper 2018/825},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/825}},
      url = {https://eprint.iacr.org/2018/825}
}