Paper 2023/1746
A masking method based on orthonormal spaces, protecting several bytes against both SCA and FIA with a reduced cost
Abstract
In the attacker models of Side-Channel Attacks (SCA) and Fault Injection Attacks (FIA), the opponent has access to a noisy version of the internal behavior of the hardware. Since the end of the nineties, many works have shown that this type of attacks constitutes a serious threat to cryptosystems implemented in embedded devices. In the state-of-the-art, there exist several countermeasures to protect symmetric encryption (especially AES-128). Most of them protect only against one of these two attacks (either SCA or FIA). The main known counter-measure against SCA is masking; it makes the complexity of SCA growing exponentially with its order d. The most general version of masking is based on error correcting codes. It has the advantage of offering in principle a protection against both types of attacks (SCA and FIA), but all the functions implemented in the algorithm need to be masked accordingly, and this is not a simple task in general. We propose a particular version of such construction that has several advantages: it has a very low computation complexity, it offers a concrete protection against both SCA and FIA, and finally it allows flexibility: being not specifically dedicated to AES, it can be applied to any block cipher with any S-boxes. In the state-of-art, masking schemes all come with pros and cons concerning the different types of complexity (time, memory, amount of randomness). Our masking scheme concretely achieves the complexity of the best known scheme, for each complexity type
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Journal of Cryptographic Engineering
- DOI
- 10.1007/s13389-023-00339-9
- Keywords
- Masking countermeasureError correcting codesGeneralized Reed-Solomon codesSide-channel attackFault injection attack
- Contact author(s)
-
claude carlet @ gmail com
daif abde @ yahoo fr
sylvain guilley @ secure-ic com
tavernier cedric @ gmail com - History
- 2023-11-13: approved
- 2023-11-11: received
- See all versions
- Short URL
- https://ia.cr/2023/1746
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1746, author = {Claude Carlet and Abderrahman Daif and Sylvain Guilley and Cédric Tavernier}, title = {A masking method based on orthonormal spaces, protecting several bytes against both {SCA} and {FIA} with a reduced cost}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1746}, year = {2023}, doi = {10.1007/s13389-023-00339-9}, url = {https://eprint.iacr.org/2023/1746} }