Paper 2021/1378

Cryptanalysis of Efficient Masked Ciphers: Applications to Low Latency

Tim Beyne, Siemen Dhooghe, Amir Moradi, and Aein Rezaei Shahmirzadi

Abstract

This work introduces second-order masked implementations of LED, Midori, SKINNY, and PRINCE ciphers which do not require fresh masks to be updated at every clock cycle. The main idea lies on a combination of the constructions given by Shahmirzadi and Moradi at CHES~2021, and the theory presented by Beyne et al. at Asiacrypt~2020. The presented masked designs only use a minimal number of shares, i.e., three to achieve second-order security, and we make use of a trick to pair a couple of S-boxes to reduce their latency. The theoretical security analyses of our constructions are based on the linear-cryptanalytic properties of the underlying masked primitive as well as SILVER, the leakage verification tool presented at Asiacrypt~2020. To improve this cryptanalytic analysis, we use the \emph{noisy probing model} which allows for the inclusion of noise in the framework of Beyne et al. We further provide FPGA-based experimental security analysis confirming second-order protection of our masked implementations.

Metadata
Available format(s)
PDF
Publication info
Published by the IACR in Tches 2022
Keywords
Hardware SecurityLinear CryptanalysisMaskingProbing SecuritySide-Channel AnalysisThreshold Implementations
Contact author(s)
tim beyne @ esat kuleuven be
siemen dhooghe @ esat kuleuven be
aein rezaeishahmirzadi @ rub de
amir moradi @ rub de
History
2021-10-15: received
Short URL
https://ia.cr/2021/1378
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1378,
      author = {Tim Beyne and Siemen Dhooghe and Amir Moradi and Aein Rezaei Shahmirzadi},
      title = {Cryptanalysis of Efficient Masked Ciphers: Applications to Low Latency},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1378},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1378}},
      url = {https://eprint.iacr.org/2021/1378}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.