mid-pSquare: Leveraging the Strong Side-Channel Security of Prime-Field Masking in Software

Brieuc Balon; Lorenzo Grassi; Pierrick Méaux; Thorben Moos; François-Xavier Standaert; Matthias Johann Steiner

Paper 2025/519

mid-pSquare: Leveraging the Strong Side-Channel Security of Prime-Field Masking in Software

Brieuc Balon, UCLouvain

Lorenzo Grassi

, Eindhoven University of Technology

Pierrick Méaux

, Luxembourg University

Thorben Moos

, UCLouvain

François-Xavier Standaert

, UCLouvain

Matthias Johann Steiner

, Alpen-Adria-Universität Klagenfurt

Abstract

Efficiently protecting embedded software implementations of standard symmetric cryptographic primitives against side-channel attacks has been shown to be a considerable challenge in practice. This is, in part, due to the most natural countermeasure for such ciphers, namely Boolean masking, not amplifying security well in the absence of sufficient physical noise in the measurements. So-called prime-field masking has been demonstrated to provide improved theoretical guarantees in this context, and the Feistel for Prime Masking (FPM) family of Tweakable Block Ciphers (TBCs) has been recently introduced (Eurocrypt’24) to efficiently leverage these advantages. However, it was so far only instantiated for and empirically evaluated in a hardware implementation context, by using a small (7-bit) prime modulus. In this paper, we build on the theoretical incentive to increase the field size to obtain improved side-channel (Eurocrypt’24) and fault resistance (CHES’24), as well as on the practical incentive to instantiate an FPM instance with optimized performance on 32-bit software platforms. We introduce mid-pSquare for this purpose, a lightweight TBC operating over a 31-bit Mersenne prime field. We first provide an in-depth black box security analysis with a particular focus on algebraic attacks – which, contrary to the cryptanalysis of instances over smaller primes, are more powerful than statistical ones in our setting. We also design a strong tweak schedule to account for potential related-tweak algebraic attacks which, so far, are almost unknown in the literature. We then demonstrate that mid-pSquare implementations deliver very competitive performance results on the target platform compared to analogous binary TBCs regardless of masked or unmasked implementation (we use fix-sliced SKINNY for our comparisons). Finally, we experimentally establish the side-channel security improvements that masked mid-pSquare can lead to, reaching unmatched resistance to profiled horizontal attacks on lightweight 32-bit processors (ARM Cortex-M4).

Metadata

Available format(s): PDF
Category: Implementation
Publication info: Preprint.
Keywords: Side-Channel Attacks Prime Ciphers Software Masking
Contact author(s): brieuc balon @ uclouvain be
l grassi @ tue nl
pierrick meaux @ uni lu
thorben moos @ uclouvain be
francois-xavier standaert @ uclouvain be
mattsteiner @ edu aau at
History: 2025-03-21: approved; 2025-03-19: received; See all versions
Short URL: https://ia.cr/2025/519
License: CC BY

BibTeX

@misc{cryptoeprint:2025/519,
      author = {Brieuc Balon and Lorenzo Grassi and Pierrick Méaux and Thorben Moos and François-Xavier Standaert and Matthias Johann Steiner},
      title = {mid-{pSquare}: Leveraging the Strong Side-Channel Security of Prime-Field Masking in Software},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/519},
      year = {2025},
      url = {https://eprint.iacr.org/2025/519}
}