Paper 2020/786

Random Probing Security: Verification, Composition, Expansion and New Constructions

Sonia Belaïd, Jean-Sébastien Coron, Emmanuel Prouff, Matthieu Rivain, and Abdul Rahman Taleb


The masking countermeasure is among the most powerful countermeasures to counteract side-channel attacks. Leakage models have been exhibited to theoretically reason on the security of such masked implementations. So far, the most widely used leakage model is the probing model defined by Ishai, Sahai, and Wagner at (CRYPTO 2003). While it is advantageously convenient for security proofs, it does not capture an adversary exploiting full leakage traces as, e.g., in horizontal attacks. Those attacks target the multiple manipulations of the same share to reduce noise and recover the corresponding value. To capture a wider class of attacks another model was introduced and is referred to as the random probing model. From a leakage parameter p, each wire of the circuit leaks its value with probability $p$. While this model much better reflects the physical reality of side channels, it requires more complex security proofs and does not yet come with practical constructions. In this paper, we define the first framework dedicated to the random probing model. We provide an automatic tool, called VRAPS, to quantify the random probing security of a circuit from its leakage probability. We also formalize a composition property for secure random probing gadgets and exhibit its relation to the strong non-interference (SNI) notion used in the context of probing security. We then revisit the expansion idea proposed by Ananth, Ishai, and Sahai (CRYPTO 2018) and introduce a compiler that builds a random probing secure circuit from small base gadgets achieving a random probing expandability property. We instantiate this compiler with small gadgets for which we verify the expected properties directly from our automatic tool. Our construction can tolerate a leakage probability up to $2^{-8}$, against $2^{-25}$ for the previous construction, with a better asymptotic complexity.

Available format(s)
Publication info
A major revision of an IACR publication in CRYPTO 2020
CompilerMaskingAutomated verificationRandom probing model
Contact author(s)
sonia belaid @ cryptoexperts com
jean-sebastien coron @ uni lu
emmanuel prouff @ ssi gouv fr
matthieu rivain @ cryptoexperts com
abdul taleb @ cryptoexperts com
2020-10-29: last of 3 revisions
2020-06-27: received
See all versions
Short URL
Creative Commons Attribution


      author = {Sonia Belaïd and Jean-Sébastien Coron and Emmanuel Prouff and Matthieu Rivain and Abdul Rahman Taleb},
      title = {Random Probing Security: Verification, Composition, Expansion and New Constructions},
      howpublished = {Cryptology ePrint Archive, Paper 2020/786},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.