Paper 2018/922

Optimized Threshold Implementations: Securing Cryptographic Accelerators for Low-Energy and Low-Latency Applications

Dušan Božilov, Miroslav Knežević, and Ventzislav Nikov

Abstract

Threshold implementations (TI) have emerged as one of the most popular masking countermeasures for hardware implementations of cryptographic primitives. In the original version of TI, the number of input shares depended on both the security order $d$ and the algebraic degree $t$ of the function, namely $td + 1$. At CRYPTO 2015, a new method was presented that yields a $d$-th order secure implementation using $d+1$ input shares. In this work, we first provide a construction for $d+1$ TI sharing which achieves the minimal number of output shares for any $n$-input Boolean function of degree $t=n-1$. Furthermore, we present a heuristic for minimizing the number of output shares for higher-order $td + 1$ TI. Finally, we demonstrate the applicability of our results on $d+1$ and $td+1$ TI versions, for first- and second-order secure, low-latency and low-energy implementations of the PRINCE block cipher.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
Threshold Implementations, PRINCE, SCA, Masking
Contact author(s)
dusan bozilov @ esat kuleuven be
History
2018-10-02: received
Short URL
https://ia.cr/2018/922
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/922,
      author = {Dušan Božilov and Miroslav Knežević and Ventzislav Nikov},
      title = {Optimized Threshold Implementations: Securing Cryptographic Accelerators for Low-Energy and Low-Latency Applications},
      howpublished = {Cryptology ePrint Archive, Paper 2018/922},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/922}},
      url = {https://eprint.iacr.org/2018/922}
}