Paper 2022/252

Handcrafting: Improving Automated Masking in Hardware with Manual Optimizations

Charles Momin, Gaëtan Cassiers, and François-Xavier Standaert

Abstract

Masking is an important countermeasure against side-channel attacks, but its secure implementation is known to be error-prone. The automated verification and generation of masked designs is therefore an important theoretical and practical challenge. In a recent work, Knichel et al. proposed a tool for the automated generation of masked hardware implementations satisfying strong security properties (e.g., glitch-freeness and composability). In this paper, we study the possibility to improve their results based on manual performance optimizations for the AES algorithm. Our main conclusion is that as the target architecture becomes more serial, such a handcrafted approach gains interest. For example, we reach latency reductions by a factor six for 8-bit architectures. We conclude the paper by discussing the extent to which such optimizations could be integrated in the tool of Knichel et al. As a bonus, we adapt a composition-based verification tool to check that our implementations are robust against glitches & transitions, and confirm the security order of exemplary implementations with preliminary leakage assessment.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. Minor revision.
Keywords
Side-Channel AttacksMasking CountermeasureEfficient Hardware ImplementationsAES RijndaelFormal Verification
Contact author(s)
charles momin @ uclouvain be
gaetan cassiers @ uclouvain be
fstandae @ uclouvain be
History
2022-03-02: received
Short URL
https://ia.cr/2022/252
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/252,
      author = {Charles Momin and Gaëtan Cassiers and François-Xavier Standaert},
      title = {Handcrafting: Improving Automated Masking in Hardware with Manual Optimizations},
      howpublished = {Cryptology ePrint Archive, Paper 2022/252},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/252}},
      url = {https://eprint.iacr.org/2022/252}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.