Paper 2022/1624

Algorithms for switching between block-wise and arithmetic masking

Evgeny Alekseev, CryptoPro LLC
Andrey Bozhko, CryptoPro LLC

The task of ensuring the required level of security of information systems in the adversary models with additional data obtained through side channels (a striking example of implementing threats in such a model is a differential power analysis) has become increasingly relevant in recent years. An effective protection method against side-channel attacks is masking all intermediate variables used in the algorithm with random values. At the same time, many algorithms use masking of different kinds, for example, Boolean, byte-wise, and arithmetic; therefore, a problem of switching between masking of different kinds arises. Switching between Boolean and arithmetic masking is well studied, while no solutions have been proposed for switching between masking of other kinds. This article recalls the requirements for switching algorithms and presents algorithms for switching between block-wise and arithmetic masking, which includes the case of switching between byte-wise and arithmetic masking.

Available format(s)
Publication info
side-channel attacks masking techniques byte-wise masking mask switching
Contact author(s)
alekseev @ cryptopro ru
bozhko @ cryptopro ru
2022-11-23: approved
2022-11-22: received
See all versions
Short URL
Creative Commons Attribution


      author = {Evgeny Alekseev and Andrey Bozhko},
      title = {Algorithms for switching between block-wise and arithmetic masking},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1624},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.