Cryptology ePrint Archive: Report 2022/327

Provable Secure Software Masking in the Real-World

Arthur Beckers and Lennert Wouters and Benedikt Gierlichs and Bart Preneel and Ingrid Verbauwhede

Abstract: We evaluate eight implementations of provable secure side-channel masking schemes that were published in top-tier academic venues such as Eurocrypt, Asiacrypt, CHES and SAC. Specifically, we evaluate the side-channel attack resistance of eight open-source and first-order side-channel protected AES-128 software implementations on the Cortex-M4 platform. Using a T-test based leakage assessment we demonstrate that all implementations produce first-order leakage with as little as 10,000 traces. Additionally, we demonstrate that all except for two Inner Product Masking based implementations are vulnerable to a straightforward correlation power analysis attack. We provide an assembly level analysis showing potential sources of leakage for two implementations. Some of the studied implementations were provided for benchmarking purposes. We demonstrate several flaws in the benchmarking procedures and question the usefulness of the reported performance numbers in the face of the implementations’ poor side-channel resistance. This work serves as a reminder that practical evaluations cannot be omitted in the context of side-channel analysis.

Category / Keywords: implementation / Side-Channel Analysis, Leakage Assessment, Masking in Software

Original Publication (with minor differences): Workshop on Constructive Side-Channel Analysis and Secure Design 2022

Date: received 8 Mar 2022

Contact author: lennert wouters at esat kuleuven be, benedikt gierlichs at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Version: 20220314:114108 (All versions of this report)

Short URL: ia.cr/2022/327