Paper 2025/519
mid-pSquare: Leveraging the Strong Side-Channel Security of Prime-Field Masking in Software
Abstract
Efficiently protecting embedded software implementations of standard symmetric cryptographic primitives against side-channel attacks has been shown to be a considerable challenge in practice. This is, in part, due to the most natural countermeasure for such ciphers, namely Boolean masking, not amplifying security well in the absence of sufficient physical noise in the measurements. So-called prime-field masking has been demonstrated to provide improved theoretical guarantees in this context, and the Feistel for Prime Masking (FPM) family of Tweakable Block Ciphers (TBCs) has been recently introduced (Eurocrypt’24) to efficiently leverage these advantages. However, it was so far only instantiated for and empirically evaluated in a hardware implementation context, by using a small (7-bit) prime modulus. In this paper, we build on the theoretical incentive to increase the field size to obtain improved side-channel (Eurocrypt’24) and fault resistance (CHES’24), as well as on the practical incentive to instantiate an FPM instance with optimized performance on 32-bit software platforms. We introduce mid-pSquare for this purpose, a lightweight TBC operating over a 31-bit Mersenne prime field. We first provide an in-depth black box security analysis with a particular focus on algebraic attacks – which, contrary to the cryptanalysis of instances over smaller primes, are more powerful than statistical ones in our setting. We also design a strong tweak schedule to account for potential related-tweak algebraic attacks which, so far, are almost unknown in the literature. We then demonstrate that mid-pSquare implementations deliver very competitive performance results on the target platform compared to analogous binary TBCs regardless of masked or unmasked implementation (we use fix-sliced SKINNY for our comparisons). Finally, we experimentally establish the side-channel security improvements that masked mid-pSquare can lead to, reaching unmatched resistance to profiled horizontal attacks on lightweight 32-bit processors (ARM Cortex-M4).
Metadata
- Available format(s): PDF
- Category: Implementation
- Publication info: Preprint.
- Keywords: Side-Channel Attacks, Prime Ciphers, Software Masking
- Contact author(s):
  - brieuc balon @ uclouvain be
  - l grassi @ tue nl
  - pierrick meaux @ uni lu
  - thorben moos @ uclouvain be
  - francois-xavier standaert @ uclouvain be
  - mattsteiner @ edu aau at
- History:
  - 2025-03-21: approved
  - 2025-03-19: received
  - See all versions
- Short URL: https://ia.cr/2025/519
- License: CC BY
BibTeX
@misc{cryptoeprint:2025/519,
  author = {Brieuc Balon and Lorenzo Grassi and Pierrick Méaux and Thorben Moos and François-Xavier Standaert and Matthias Johann Steiner},
  title = {mid-{pSquare}: Leveraging the Strong Side-Channel Security of Prime-Field Masking in Software},
  howpublished = {Cryptology {ePrint} Archive, Paper 2025/519},
  year = {2025},
  url = {https://eprint.iacr.org/2025/519}
}