Paper 2022/1627
The Random Fault Model
, KU Leuven, KU LeuvenAbstract
In this work, we introduce the random fault model - a more advanced fault model inspired by the random probing model, where the adversary can fault all values in the algorithm but the probability for each fault to occur is limited. The new adversary model is used to evaluate the security of side-channel and fault countermeasures such as Boolean masking, error detection techniques, error correction techniques, multiplicative tags, and shuffling methods. The results of the security analysis reveal new insights both in the novel random fault model as well as in the established random probing model including: shuffling masked implementations does not significantly improve the random probing security over regular masking; error correction providing little security when faults target more bits (versus the significant improvement when using error detection); and the order in which masking and duplication are applied providing a trade-off between random probing and fault security. Moreover, the results also explain the experimental results from CHES 2022 and find weaknesses in the shuffling method from SAMOS 2021.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Published elsewhere. SAC 2023
- Keywords
- EncodingFault AttacksMaskingRandom ProbingShuffling
- Contact author(s)
-
siemen dhooghe @ esat kuleuven be
svetla nikova @ esat kuleuven be - History
- 2023-08-28: last of 3 revisions
- 2022-11-22: received
- See all versions
- Short URL
- https://ia.cr/2022/1627
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1627,
author = {Siemen Dhooghe and Svetla Nikova},
title = {The Random Fault Model},
howpublished = {Cryptology ePrint Archive, Paper 2022/1627},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/1627}},
url = {https://eprint.iacr.org/2022/1627}
}
