Paper 2023/1143

Combined Fault and Leakage Resilience: Composability, Constructions and Compiler

Sebastian Berndt, University of Lübeck
Thomas Eisenbarth, University of Lübeck
Sebastian Faust, TU Darmstadt
Marc Gourjon, Hamburg University of Technology, NXP Semiconductors
Maximilian Orlt, TU Darmstadt
Okan Seker, University of Lübeck, NXP Semiconductors

Real-world cryptographic implementations nowadays are not only attacked via classical cryptanalysis but also via implementation attacks, including passive attacks (observing side-channel information about the inner computation) and active attacks (inserting faults into the computation). While countermeasures exist for each type of attack, countermeasures against combined attacks have only been considered recently. Masking is a standard technique for protecting against passive side-channel attacks, but protecting against active attacks with additive masking is challenging. Previous approaches include running multiple copies of a masked computation, requiring a large amount of randomness or being vulnerable to horizontal attacks. An alternative approach is polynomial masking, which is inherently fault-resistant. This work presents a compiler based on polynomial masking that achieves linear computational complexity for affine functions and cubic complexity for non-linear functions. The resulting compiler is secure against attackers using region probes and adaptive faults. In addition, the notion of fault-invariance is introduced to improve security against combined attacks without the need to consider all possible fault combinations. Our approach has the best-known asymptotic efficiency among all known approaches.

Available format(s)
Publication info
A major revision of an IACR publication in CRYPTO 2023
Contact author(s)
s berndt @ uni-luebeck de
thomas eisenbarth @ uni-luebeck de
sebastian faust @ tu-darmstadt de
marc gourjon @ tuhh de
maximilian orlt @ tu-darmstadt de
okan seker @ nxp com
2023-07-27: approved
2023-07-24: received
See all versions
Short URL
Creative Commons Attribution


      author = {Sebastian Berndt and Thomas Eisenbarth and Sebastian Faust and Marc Gourjon and Maximilian Orlt and Okan Seker},
      title = {Combined Fault and Leakage Resilience: Composability, Constructions and Compiler},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1143},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.