Secure Message Authentication in the Presence of Leakage and Faults

Francesco Berti; Chun Guo; Thomas Peters; Yaobin Shen; François-Xavier Standaert

Paper 2022/1142

Secure Message Authentication in the Presence of Leakage and Faults

Francesco Berti, TU Darmstadt, Germany

Chun Guo, Shandong University, China

Thomas Peters, UCLouvain, Belgium

Yaobin Shen, UCLouvain, Belgium

François-Xavier Standaert, UCLouvain, Belgium

Abstract

Security against side-channels and faults is a must for the deployment of embedded cryptography. A wide body of research has investigated solutions to secure implementations against these attacks at different abstraction levels. Yet, to a large extent, current solutions focus on one or the other threat. In this paper, we initiate a mode-level study of cryptographic primitives that can ensure security in a (new and practically-motivated) adversarial model combining leakage and faults. Our goal is to identify constructions that do not require a uniform protections of all their operations against both attack vectors. For this purpose, we first introduce a versatile and intuitive model to capture leakage and faults. We then show that a MAC introduced at Asiacrypt 2021 natively enables a leveled implementation where only its underlying tweakable block cipher must be protected, as long as only its tag verification can be faulted. We finally describe two approaches to amplify security in the case where also the tag generation can be faulted. One is based on iteration and requires the adversary to inject increasingly large faults to succeed. The other is based on randomness and allows provable security against differential faults.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published by the IACR in TOSC 2023
Keywords: leakage; faults; mode-level protections
Contact author(s): francesco berti @ tu-darmstadt de
201999900076 @ sdu edu cn
thomas peters @ uclouvain be
yaobin shen @ uclouvain be
fstandae @ uclouvain be
History: 2023-02-20: revised; 2022-09-01: received; See all versions
Short URL: https://ia.cr/2022/1142
License: CC BY

BibTeX

@misc{cryptoeprint:2022/1142,
      author = {Francesco Berti and Chun Guo and Thomas Peters and Yaobin Shen and François-Xavier Standaert},
      title = {Secure Message Authentication in the Presence of Leakage and Faults},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1142},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/1142}},
      url = {https://eprint.iacr.org/2022/1142}
}