Cryptology ePrint Archive: Report 2019/615

My Gadget Just Cares For Me - How NINA Can Prove Security Against Combined Attacks

Siemen Dhooghe and Svetla Nikova

Abstract: Differential Power Analysis and Differential Fault Analysis threaten the security of even the most trustworthy cryptographic primitives. It is important we protect their implementation such that no sensitive information is leaked using side channels and it withstands injected faults or combined physical attacks.

In this work, we propose security notions tailored against advanced physical attacks consisting of both faults and probes on circuit wires. We then transform the security notions to composable security notions. The motivation for this research includes the ease of verification time; the creation of secure components; and the isolation of primitives in larger protocols such as modes of operations. We dub our notion NINA, which forms the link between the established Non-Interference (NI) property and our composable active security property, Non-Accumulation (NA).

To illustrate the NINA property, we use it to prove the security of two multiplication gadgets: an error checking duplication gadget and an error correcting duplication gadget. The NINA proofs for error detecting gadgets capture the effect of Statistical Ineffective Fault Analysis (SIFA), an attack vector which threatens most current masked implementations. Additionally, we study error correcting techniques. We show that error correcting gadgets can attain the Independent NINA property. A stronger property which captures a clear separation between the effect of faults and probes. Thus, we show that clever error correcting gadgets improve on error detecting ones by achieving significant higher levels of combined security along with guaranteed output delivery.

Category / Keywords: secret-key cryptography / Combined Security, DFA, DPA, Masking, SIFA

Original Publication (with minor differences): CT-RSA 2020

Date: received 31 May 2019, last revised 3 Dec 2019

Contact author: siemen dhooghe at esat kuleuven be,svetla nikova@esat kuleuven be

Available format(s): PDF | BibTeX Citation

Version: 20191203:090926 (All versions of this report)

Short URL: ia.cr/2019/615


[ Cryptology ePrint archive ]