Paper 2023/1914

Efficient Low-Latency Masking of Ascon without Fresh Randomness

Srinidhi Hari Prasad, Infineon Technologies, Germany
Florian Mendel, Infineon Technologies, Germany
Martin Schläffer, Infineon Technologies, Germany
Rishub Nagpal, Graz University of Technology, Austria
Abstract

In this work, we present the first low-latency, second-order masked hardware implementation of Ascon that requires no fresh randomness using only $d+1$ shares. Our results significantly outperform any publicly known second-order masked implementations of AES and Ascon in terms of combined area, latency and randomness requirements. Ascon is a family of lightweight authenticated encryption and hashing schemes selected by NIST for standardization. Ascon is tailored for small form factors. It requires less power and energy while attaining the same or even better performance than current NIST standards. We achieve the reduction of latency by rearranging the linear layers of the Ascon permutation in a round-based implementation. We provide an improved technique to achieve implementations without the need for fresh randomness. It is based on the concept of changing of the guards extended to the second-order case. Together with the reduction of latency, we need to consider a large set of additional conditions which we propose to solve using a SAT solver. We have formally verified both, our first- and second-order implementations of Ascon using CocoAlma for the first two rounds. Additionally, we have performed a leakage assessment using t-tests on all 12 rounds of the initial permutation. Finally, we provide a comparison of our second-order masked Ascon implementation with other results.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint.
Keywords
AsconMaskinglow-latencyno fresh randomness
Contact author(s)
SrinidhiHari Prasad @ infineon com
Florian Mendel @ infineon com
Martin Schlaeffer @ infineon com
rishub nagpal @ iaik tugraz at
History
2023-12-15: approved
2023-12-13: received
See all versions
Short URL
https://ia.cr/2023/1914
License
Creative Commons Attribution-ShareAlike
CC BY-SA

BibTeX

@misc{cryptoeprint:2023/1914,
      author = {Srinidhi Hari Prasad and Florian Mendel and Martin Schläffer and Rishub Nagpal},
      title = {Efficient Low-Latency Masking of Ascon without Fresh Randomness},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1914},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1914}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.