Paper 2021/1671

IronMask: Versatile Verification of Masking Security

Sonia Belaïd, Darius Mercadier, Matthieu Rivain, and Abdul Rahman Taleb

Abstract

This paper introduces IronMask, a new versatile verification tool for masking security. IronMask is the first to offer the verification of standard simulation-based security notions in the probing model as well as recent composition and expandability notions in the random probing model. It supports any masking gadget with linear randomness (e.g. addition, copy and refresh gadgets) as well as quadratic gadgets (e.g. multiplication gadgets) that might include non-linear randomness (e.g. by refreshing their inputs), while providing complete verification results for both types of gadgets. We achieve this complete verifiability by introducing a new algebraic characterization for such quadratic gadgets and exhibiting a complete method to determine the sets of input shares which are necessary and sufficient to perform a perfect simulation of any set of probes. We report various benchmarks which show that IronMask is competitive with state-of-the-art verification tools in the probing model (maskVerif, scVerif, SILVER, matverif). IronMask is also several orders of magnitude faster than VRAPS (the only previous tool verifying random probing composability and expandability) as well as SILVER (the only previous tool providing complete verification for quadratic gadgets with non-linear randomness). Thanks to this completeness and increased performance, we obtain better bounds for the tolerated leakage probability of state-of-the-art random probing secure compilers.
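The abstract's central notion is the set of input shares that is necessary and sufficient to perfectly simulate a given set of probes. For gadgets with linear randomness this has a short linear-algebra form, shown below as an added illustration in Python (this is not IronMask's code, and it does not cover the quadratic gadgets with non-linear randomness that the paper's new characterization addresses): every probed wire is a GF(2) linear form over input shares and randoms; Gaussian elimination with the randoms as pivots removes every form that is uniform and independent of the rest, and what survives is exactly the set of random-free combinations the adversary learns, so the shares they mention are needed and nothing else is. The 3-share chain refresh, its wire names, the t-NI/t-SNI bound check and the two-probe comparison set are all constructed for this example; the "naive" rule (drop a probe whenever a random occurs in it alone) stands in for a sufficient-only heuristic, to show the kind of false alarm that a complete method avoids.

```python
"""Brute-force t-NI / t-SNI check for masking gadgets with linear randomness.
Added illustration for the IronMask abstract; not the tool's own code."""
from itertools import combinations


def make_vars(n_shares, n_rand):
    """Bit positions: input shares a0..a{n-1} first, then randoms r0..r{k-1}."""
    names = [f"a{i}" for i in range(n_shares)] + [f"r{j}" for j in range(n_rand)]
    return {name: 1 << pos for pos, name in enumerate(names)}


def expr_to_mask(expr, var_bits):
    """'a1+r0+r1' -> bitmask of the XOR (GF(2) sum) of those variables."""
    mask = 0
    for tok in expr.replace(" ", "").split("+"):
        mask ^= var_bits[tok]
    return mask


def _shares_in(rows, n_shares):
    leaked = 0
    for row in rows:
        leaked |= row & ((1 << n_shares) - 1)
    return {i for i in range(n_shares) if leaked >> i & 1}


def needed_shares(probes, n_shares, n_rand):
    """Shares necessary and sufficient to simulate the probed linear forms.
    Gaussian elimination with random columns as pivots: a row carrying a pivot
    random is uniform given the others and is dropped; the surviving rows span
    exactly the random-free combinations, i.e. what the probes reveal."""
    rows = list(probes)
    for rbit in range(n_shares, n_shares + n_rand):
        pivot = next((i for i, row in enumerate(rows) if row >> rbit & 1), None)
        if pivot is None:
            continue
        p = rows.pop(pivot)
        rows = [row ^ p if row >> rbit & 1 else row for row in rows]
    return _shares_in(rows, n_shares)


def naive_needed_shares(probes, n_shares, n_rand):
    """Sufficient-only rule (constructed stand-in for a simple heuristic):
    a random occurring in exactly one probe makes it uniform, so drop it and
    repeat; every share left in the remaining probes is reported as needed."""
    rows = list(probes)
    changed = True
    while changed:
        changed = False
        for rbit in range(n_shares, n_shares + n_rand):
            hits = [i for i, row in enumerate(rows) if row >> rbit & 1]
            if len(hits) == 1:
                rows.pop(hits[0])
                changed = True
                break
    return _shares_in(rows, n_shares)


def check(wires, outputs, n_shares, n_rand, t, strong=False, rule=needed_shares):
    """t-NI: every set of t probes is simulatable from at most t input shares.
    t-SNI (strong=True): from at most as many shares as there are *internal*
    probes, output probes counting for nothing.  Returns None when the
    property holds, else the first violating probe set and the shares needed."""
    var_bits = make_vars(n_shares, n_rand)
    masks = {name: expr_to_mask(e, var_bits) for name, e in wires}
    for names in combinations(masks, t):
        need = rule([masks[nm] for nm in names], n_shares, n_rand)
        bound = sum(nm not in outputs for nm in names) if strong else t
        if len(need) > bound:
            return names, need
    return None


# Constructed 3-share chain refresh: c0 = a0+r0, c1 = a1+r0+r1, c2 = a2+r1.
# Every wire (inputs, randoms, intermediate t1, outputs) is probeable.
REFRESH3 = [("a0", "a0"), ("a1", "a1"), ("a2", "a2"), ("r0", "r0"), ("r1", "r1"),
            ("c0", "a0+r0"), ("t1", "a1+r0"), ("c1", "a1+r0+r1"), ("c2", "a2+r1")]
OUTPUTS3 = {"c0", "c1", "c2"}

# Constructed probe pair where the naive rule over-reports: both probes carry
# r0, so neither is dropped, yet their XOR cancels a1 and leaks only a0+a2.
V3 = make_vars(3, 1)
PAIR = [expr_to_mask("a0+a1+r0", V3), expr_to_mask("a1+a2+r0", V3)]

if __name__ == "__main__":
    print("2-NI :", check(REFRESH3, OUTPUTS3, 3, 2, 2))
    print("2-SNI:", check(REFRESH3, OUTPUTS3, 3, 2, 2, strong=True))
    print("complete:", needed_shares(PAIR, 3, 1), " naive:", naive_needed_shares(PAIR, 3, 1))
```

The refresh passes 2-NI but fails 2-SNI on the probes (c0, t1): their sum a0+a1 needs two input shares although only one of the probes is internal, which is exactly the gap between the two notions. On the constructed pair the complete rule reports {a0, a2} while the naive rule reports all three shares, i.e. a verifier built on the naive rule would reject a secure probe set; the abstract makes the same completeness argument, for quadratic gadgets that this linear-only example cannot handle.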

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. MINOR revision. 43rd IEEE Symposium on Security and Privacy 2022
Keywords
Side-channel security, masking, physical defaults, automatic verification, complete verification, composition, probing model, random probing model, IronMask
Contact author(s)
abdul taleb @ cryptoexperts com
History
2021-12-21: received
Short URL
https://ia.cr/2021/1671
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1671,
      author = {Sonia Belaïd and Darius Mercadier and Matthieu Rivain and Abdul Rahman Taleb},
      title = {IronMask: Versatile Verification of Masking Security},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1671},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1671}},
      url = {https://eprint.iacr.org/2021/1671}
}