Paper 2021/434

On the Power of Expansion: More Efficient Constructions in the Random Probing Model

Sonia Belaïd, Matthieu Rivain, and Abdul Rahman Taleb

Abstract

The random probing model is a leakage model in which each wire of a circuit leaks with a given probability $p$. This model enjoys practical relevance thanks to a reduction to the noisy leakage model, which is admitted as the right formalization for power and electromagnetic side-channel attacks. In addition, the random probing model is much more convenient than the noisy leakage model to prove the security of masking schemes. In a recent work, Ananth, Ishai and Sahai (CRYPTO 2018) introduce a nice expansion strategy to construct random probing secure circuits. Their construction tolerates a leakage probability of $2^{-26}$, which is the first quantified achievable leakage probability in the random probing model. In a follow-up work, Belaïd, Coron, Prouff, Rivain and Taleb (CRYPTO 2020) generalize their idea and put forward a complete and practical framework to generate random probing secure circuits. The so-called expanding compiler can bootstrap simple base gadgets as long as they satisfy a new security notion called random probing expandability (RPE). They further provide an instantiation of the framework which tolerates a $2^{-8}$ leakage probability in complexity $\mathcal{O}(\kappa^{7.5})$ where $\kappa$ denotes the security parameter. In this paper, we provide an in-depth analysis of the RPE security notion. We exhibit the first upper bounds for the main parameter of a RPE gadget, which is known as the amplification order. We further show that the RPE notion can be made tighter and we exhibit strong connections between RPE and the strong non-interference (SNI) composition notion. We then introduce the first generic constructions of gadgets achieving RPE for any number of shares and with nearly optimal amplification orders and provide an asymptotic analysis of such constructions. Last but not least, we introduce new concrete constructions of small gadgets achieving maximal amplification orders. This allows us to obtain much more efficient instantiations of the expanding compiler: we obtain a complexity of $\mathcal{O}(\kappa^{3.9})$ for a slightly better leakage probability, as well as $\mathcal{O}(\kappa^{3.2})$ for a slightly lower leakage probability.

Metadata
Available format(s)
PDF
Publication info
A minor revision of an IACR publication in EUROCRYPT 2021
Keywords
Random probing modelmaskingside-channel security
Contact author(s)
abdul taleb @ cryptoexperts com
History
2021-04-06: received
Short URL
https://ia.cr/2021/434
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/434,
      author = {Sonia Belaïd and Matthieu Rivain and Abdul Rahman Taleb},
      title = {On the Power of Expansion: More Efficient Constructions in the Random Probing Model},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/434},
      year = {2021},
      url = {https://eprint.iacr.org/2021/434}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.