Paper 2020/185

Hardware Private Circuits: From Trivial Composition to Full Verification

Gaëtan Cassiers, Benjamin Grégoire, Itamar Levi, and François-Xavier Standaert

Abstract

The design of glitch-resistant higher-order masking schemes is an important challenge in cryptographic engineering. A recent work by Moos et al. (CHES 2019) showed that most published schemes (and all efficient ones) exhibit local or composability flaws at high security orders, leaving a critical gap in the literature on hardware masking. In this paper, we first extend the simulatability framework of Belaïd et al. (EUROCRYPT 2016) and prove that a compositional strategy that is correct without glitches remains valid with glitches. We then use this extended framework to prove the first masked gadgets that enable trivial composition with glitches at arbitrary orders. We show that the resulting "Hardware Private Circuits'' approach the implementation efficiency of previous (flawed) schemes. We finally investigate how trivial composition can serve as a basis for a tool that allows verifying full masked hardware implementations (e.g., of complete block ciphers) at any security order. The tool checks that a synthesized HDL code fulfills the topological requirements of the composability theorems. As side products, we improve the randomness complexity of the best published refreshing gadgets, show that some S-box representations allow latency reductions and confirm practical claims based on implementation~results.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. MINOR revision.IEEE Transactions on Computers
DOI
10.1109/TC.2020.3022979
Keywords
side-channel masking
Contact author(s)
gaetan cassiers @ uclouvain be
History
2021-03-17: last of 3 revisions
2020-02-18: received
See all versions
Short URL
https://ia.cr/2020/185
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/185,
      author = {Gaëtan Cassiers and Benjamin Grégoire and Itamar Levi and François-Xavier Standaert},
      title = {Hardware Private Circuits: From Trivial Composition to Full Verification},
      howpublished = {Cryptology ePrint Archive, Paper 2020/185},
      year = {2020},
      doi = {10.1109/TC.2020.3022979},
      note = {\url{https://eprint.iacr.org/2020/185}},
      url = {https://eprint.iacr.org/2020/185}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.