Paper 2020/773
An Instruction Set Extension to Support Software-Based Masking
Si Gao, Johann Großschädl, Ben Marshall, Dan Page, Thinh Pham, and Francesco Regazzoni
Abstract
In both hardware and software, masking can represent an effective means of hardening an implementation against side channel attack vectors such as Differential Power Analysis (DPA). Focusing on software, however, the use of masking can present various challenges: specifically, it often 1) requires significant effort to translate any theoretical security properties into practice, and, even then, 2) imposes a significant overhead in terms of efficiency. To address both challenges, this paper explores use of an Instruction Set Extension (ISE) to support masking in software-based implementations of a range of (symmetric) cryptographic kernels including AES: we design, implement, and evaluate such an ISE, using RISC-V as the base ISA. Our ISE-supported first-order masked implementation of AES, for example, is an order of magnitude more efficient than a software-only alternative wrt. both execution latency and memory footprint; this renders it comparable to an unmasked implementation using the same metrics, but also first-order secure.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- A minor revision of an IACR publication in TCHES 2021
- Keywords
- Symmetric CryptosystemsDifferential Power AnalysisMaskingInstruction Set ExtensionRISC-V Architecture
- Contact author(s)
- johann groszschaedl @ uni lu
- History
- 2021-07-14: last of 2 revisions
- 2020-06-24: received
- See all versions
- Short URL
- https://ia.cr/2020/773
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/773,
author = {Si Gao and Johann Großschädl and Ben Marshall and Dan Page and Thinh Pham and Francesco Regazzoni},
title = {An Instruction Set Extension to Support Software-Based Masking},
howpublished = {Cryptology {ePrint} Archive, Paper 2020/773},
year = {2020},
url = {https://eprint.iacr.org/2020/773}
}
