Paper 2021/880

Towards Tight Random Probing Security

Gaëtan Cassiers, Sebastian Faust, Maximilian Orlt, and François-Xavier Standaert


Proving the security of masked implementations in theoretical models that are relevant to practice and match the best known attacks of the side-channel literature is a notoriously hard problem. The random probing model is a good candidate to contribute to this challenge, due to its ability to capture the continuous nature of physical leakage (contrary to the threshold probing model), while also being convenient to manipulate in proofs and to automate with verification tools. Yet, despite recent progresses in the design of masked circuits with good asymptotic security guarantees in this model, existing results still fall short when it comes to analyze the security of concretely useful circuits under realistic noise levels and with low number of shares. In this paper, we contribute to this issue by introducing a new composability notion, the Probe Distribution Table (PDT), and a new tool (called STRAPS, for the Sampled Testing of the RAndom Probing Security). Their combination allows us to significantly improve the tightness of existing analyses in the most practical (low noise, low number of shares) region of the design space. We illustrate these improvements by quantifying the random probing security of an AES S-box circuit, masked with the popular multiplication gadget of Ishai, Sahai and Wagner from Crypto 2003, with up to six shares.

Available format(s)
Publication info
A minor revision of an IACR publication in CRYPTO 2021
MaskingRandom probing modelComposability
Contact author(s)
gaetan cassiers @ uclouvain be
maximilian orlt @ tu-darmstadt de
fstandae @ uclouvain be
sebastian faust @ cs tu-darmstadt de
2021-06-29: received
Short URL
Creative Commons Attribution


      author = {Gaëtan Cassiers and Sebastian Faust and Maximilian Orlt and François-Xavier Standaert},
      title = {Towards Tight Random Probing Security},
      howpublished = {Cryptology ePrint Archive, Paper 2021/880},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.