Paper 2022/507

Low-Latency Hardware Private Circuits

David Knichel and Amir Moradi

Abstract

Over the last few years, the rise of the IoT and the spread of mobile, and hence physically accessible, devices have greatly increased the demand for fast and secure hardware implementations of cryptographic algorithms that offer thorough protection against side-channel analysis (SCA) attacks. Among the variety of countermeasures proposed against SCA, masking has turned out to be a promising candidate, attracting significant attention in both academia and industry. Abstract adversary models have been derived that aim to model real-world attack scenarios accurately while remaining simple enough to allow the SCA resilience of masked implementations to be proven formally at the algorithmic level. For hardware implementations, the robust probing model has become highly relevant for proving SCA resilience because it captures physical defaults such as glitches and data transitions. Since constructing a correct and secure masked variant of a large and complex circuit is a challenging task, a new line of research has recently emerged that designs small masked subcircuits, realizing for instance a single AND gate, which remain secure when composed into a larger circuit. Although several such composable subcircuits, commonly referred to as gadgets, have been proposed, little research has been conducted on the trade-offs between the different overhead metrics: randomness requirement, latency, and area consumption. In this work, we present HPC3, a hardware gadget that is trivially composable under the notion of PINI in the glitch-extended robust probing model. HPC3 realizes a two-input AND gate in one clock cycle and is generalized to arbitrary security order. Existing state-of-the-art PINI gadgets either require a latency of two clock cycles or are limited to first-order security. In short, HPC3 lets the designer trade double the randomness for half the latency compared to existing gadgets, providing high flexibility and enabling significantly higher speed in real-time applications.
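The abstract distinguishes the standard probing model from the glitch-extended robust probing model and motivates why hardware AND gadgets pay for glitch resistance with register stages (latency). The following Python script is an added, constructed example for this page, not code from the paper, and it does not implement HPC3 or check PINI composability. It exhaustively checks two first-order (two-share) masked AND gadgets: a register-free ISW-style gadget and a DOM-style arrangement in which each cross-domain product is masked with the fresh bit r and registered before recombination. A glitch-extended probe on a combinational wire is modelled as revealing every stable wire (primary input or register output) in its cone, with registers stopping the cone. The wire names, the `Gadget` netlist class and the assumption that inputs stay stable across the register stage are all this example's own.

```python
"""First-order probing checks for two-share masked AND gadgets (constructed example,
not HPC3). Secrets: a = a0 ^ a1, b = b0 ^ b1; r is a fresh uniform mask bit.
Standard probe: reads one wire. Glitch-extended probe: reveals every stable wire
(input or register output) in the probed wire's combinational cone."""
from collections import Counter
from itertools import product

AND = lambda x, y: x & y
XOR = lambda x, y: x ^ y


class Gadget:
    """Tiny netlist: primary inputs, combinational gates, single-stage registers."""

    def __init__(self):
        self.inputs, self.comb, self.regs, self.order = [], {}, {}, []

    def inp(self, name):
        self.inputs.append(name); self.order.append(name)

    def gate(self, name, fn, *ops):
        self.comb[name] = (fn, ops); self.order.append(name)

    def reg(self, name, op):
        self.regs[name] = op; self.order.append(name)

    def evaluate(self, asg):
        vals = dict(asg)
        for w in self.order:            # order is topological by construction
            if w in self.comb:
                fn, ops = self.comb[w]
                vals[w] = fn(*(vals[o] for o in ops))
            elif w in self.regs:
                vals[w] = vals[self.regs[w]]
        return vals

    def glitch_cone(self, w):
        """Stable wires a glitch-extended probe on w observes (registers stop the cone)."""
        if w in self.inputs or w in self.regs:
            return {w}
        return set().union(*(self.glitch_cone(o) for o in self.comb[w][1]))

    def latency(self, w):
        """Register stages on the longest input-to-w path (clock cycles)."""
        if w in self.inputs:
            return 0
        if w in self.regs:
            return 1 + self.latency(self.regs[w])
        return max(self.latency(o) for o in self.comb[w][1])


def assignments(a, b, rand=("r",)):
    """Every share/randomness assignment consistent with secrets a and b."""
    for a0, b0, *rs in product((0, 1), repeat=2 + len(rand)):
        yield {"a0": a0, "a1": a ^ a0, "b0": b0, "b1": b ^ b0, **dict(zip(rand, rs))}


def observation(g, wires, a, b):
    """Joint distribution of the probed wires over all consistent assignments."""
    keys = sorted(wires)
    return Counter(tuple(g.evaluate(asg)[k] for k in keys) for asg in assignments(a, b))


def leaking_probes(g, glitch_extended):
    """Wires whose single probe has a secret-dependent distribution (first-order leak)."""
    leaks = []
    for w in g.order:
        probed = g.glitch_cone(w) if glitch_extended else {w}
        dists = [observation(g, probed, a, b) for a, b in product((0, 1), repeat=2)]
        if any(d != dists[0] for d in dists[1:]):
            leaks.append(w)
    return leaks


def is_correct(g):
    """c0 ^ c1 must equal a & b for every assignment."""
    return all(g.evaluate(asg)["c0"] ^ g.evaluate(asg)["c1"] == (a & b)
               for a, b in product((0, 1), repeat=2) for asg in assignments(a, b))


def _products(g):
    for n in ("a0", "a1", "b0", "b1", "r"):
        g.inp(n)
    g.gate("a0b0", AND, "a0", "b0"); g.gate("a1b1", AND, "a1", "b1")
    g.gate("a0b1", AND, "a0", "b1"); g.gate("a1b0", AND, "a1", "b0")


def isw_and():
    """Software-style ISW AND: no registers, one fresh bit. c1 sums both cross terms."""
    g = Gadget(); _products(g)
    g.gate("t", XOR, "a0b1", "r"); g.gate("u", XOR, "t", "a1b0")
    g.gate("c0", XOR, "a0b0", "r"); g.gate("c1", XOR, "a1b1", "u")
    return g


def registered_and():
    """DOM-style: each cross term is masked with r, then registered (assumption: the
    inputs stay stable across the register stage, as in a pipelined design)."""
    g = Gadget(); _products(g)
    g.gate("t0", XOR, "a0b1", "r"); g.gate("t1", XOR, "a1b0", "r")
    g.reg("q0", "t0"); g.reg("q1", "t1")
    g.gate("c0", XOR, "a0b0", "q0"); g.gate("c1", XOR, "a1b1", "q1")
    return g


if __name__ == "__main__":
    for name, g in (("ISW, no registers", isw_and()), ("registered", registered_and())):
        print(f"{name}: correct={is_correct(g)}, latency={g.latency('c1')} cycle(s)")
        print("  standard probing leaks:       ", leaking_probes(g, glitch_extended=False))
        print("  glitch-extended probing leaks:", leaking_probes(g, glitch_extended=True))
```

Both gadgets pass the standard first-order check, but the register-free one fails the glitch-extended check at wires `u` and `c1`, whose combinational cones contain all shares of a and b; inserting a register after each masked cross term closes that leak at the price of one clock cycle of latency, which is exactly the overhead metric the abstract says HPC3 targets. Note that passing this stand-alone check says nothing about composability; the PINI property the paper proves for HPC3 is a stronger, composition-oriented requirement that this script does not test.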

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. ACM Conference on Computer and Communications Security (CCS 2022)
Keywords
SCA-resilient Implementations
Trivially Composable Gadgets
Hardware Private Circuits
Probing Model
Contact author(s)
david knichel @ rub de
amir moradi @ rub de
History
2022-05-13: last of 2 revisions
2022-04-28: received
See all versions
Short URL
https://ia.cr/2022/507
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/507,
      author = {David Knichel and Amir Moradi},
      title = {Low-Latency Hardware Private Circuits},
      howpublished = {Cryptology ePrint Archive, Paper 2022/507},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/507}},
      url = {https://eprint.iacr.org/2022/507}
}