Paper 2021/1314

High-order Table-based Conversion Algorithms and Masking Lattice-based Encryption

Jean-Sébastien Coron
François Gérard
Simon Montoya
Rina Zeitoun
Abstract

Masking is the main countermeasure against side-channel attacks on embedded devices. For cryptographic algorithms that combine Boolean and arithmetic masking, one must therefore convert between the two types of masking, without leaking additional information to the attacker. In this paper we describe a new high-order conversion algorithm between Boolean and arithmetic masking, based on table recomputation, and provably secure in the ISW probing model. We show that our technique is particularly efficient for masking structured LWE encryption schemes such as Kyber and Saber. In particular, for Kyber IND-CPA decryption, we obtain an order of magnitude improvement compared to existing techniques.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
A minor revision of an IACR publication in TCHES 2022
Keywords
High-order maskinglattice-based cryptographyconversion algorithms
Contact author(s)
jean-sebastien coron @ uni lu
History
2023-05-20: last of 5 revisions
2021-09-30: received
See all versions
Short URL
https://ia.cr/2021/1314
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2021/1314,
      author = {Jean-Sébastien Coron and François Gérard and Simon Montoya and Rina Zeitoun},
      title = {High-order Table-based Conversion Algorithms and Masking Lattice-based Encryption},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1314},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1314}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.