Paper 2022/1627
The Random Fault Model
Abstract
In this work, we introduce a more advanced fault adversary inspired from the random probing model, called the random fault model, where the adversary can fault all values in the algorithm but where the probability for each fault to occur is limited. The new adversary model is used to evaluate the security of side-channel and fault countermeasures such as Boolean masking, error detection techniques, error correction techniques, multiplicative tags, and shuffling methods. The results of the security analysis reveal novel insights including: error correction providing little security when faults target more bits; the order between masking and duplication providing a trade-off between side-channel and fault security; and multiplicative masking providing exponential protection in the field size. Moreover, the results also explain the experimental results from CHES 2022 and find weaknesses in the shuffling method from SAMOS 2021.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Preprint.
- Keywords
- EncodingFault AttacksMaskingRandom ProbingShuffling
- Contact author(s)
- siemen dhooghe @ esat kuleuven be
- History
- 2023-01-12: last of 2 revisions
- 2022-11-22: received
- See all versions
- Short URL
- https://ia.cr/2022/1627
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1627, author = {Siemen Dhooghe}, title = {The Random Fault Model}, howpublished = {Cryptology ePrint Archive, Paper 2022/1627}, year = {2022}, note = {\url{https://eprint.iacr.org/2022/1627}}, url = {https://eprint.iacr.org/2022/1627} }