Paper 2022/252
Handcrafting: Improving Automated Masking in Hardware with Manual Optimizations
Charles Momin, Gaëtan Cassiers, and François-Xavier Standaert
Abstract
Masking is an important countermeasure against side-channel attacks, but its secure implementation is known to be error-prone. The automated verification and generation of masked designs is therefore an important theoretical and practical challenge. In a recent work, Knichel et al. proposed a tool for the automated generation of masked hardware implementations satisfying strong security properties (e.g., glitch-freeness and composability). In this paper, we study the possibility of improving their results based on manual performance optimizations for the AES algorithm. Our main conclusion is that as the target architecture becomes more serial, such a handcrafted approach gains interest. For example, we reach latency reductions by a factor of six for 8-bit architectures. We conclude the paper by discussing the extent to which such optimizations could be integrated in the tool of Knichel et al. As a bonus, we adapt a composition-based verification tool to check that our implementations are robust against glitches and transitions, and confirm the security order of exemplary implementations with a preliminary leakage assessment.
Metadata
- Available format(s)
- Category: Implementation
- Publication info: Preprint. MINOR revision.
- Keywords: Side-Channel Attacks, Masking Countermeasure, Efficient Hardware Implementations, AES Rijndael, Formal Verification
- Contact author(s):
  charles momin @ uclouvain be
  gaetan cassiers @ uclouvain be
  fstandae @ uclouvain be
- History: 2022-03-02: received
- Short URL: https://ia.cr/2022/252
- License: CC BY
BibTeX
@misc{cryptoeprint:2022/252,
  author = {Charles Momin and Gaëtan Cassiers and François-Xavier Standaert},
  title = {Handcrafting: Improving Automated Masking in Hardware with Manual Optimizations},
  howpublished = {Cryptology {ePrint} Archive, Paper 2022/252},
  year = {2022},
  url = {https://eprint.iacr.org/2022/252}
}