Paper 2026/288
Bypassing the Random-Probing Model in Masking Security Proofs
Abstract
Masking, i.e., computing over secret-shared data, is one of the main counter-measures against side-channel analysis, provably secure in the standard noisy-leakage model. However, all the state-of-the-art security proofs rely on a reduction to a more abstract model called random probing (Eurocrypt’14). As a result, the noise requirements of such proofs must scale with the field size of the circuit which, beyond not reflecting real-world physics of target devices, is often prohibitive, especially in the post-quantum era. That is why it is critical to find alternative strategies to the reduction to the random-probing model. In this paper, we establish for the first time a masking security proof bypassing this reduction, answering positively to the above question. Contrary to the common belief that directly working in the noisy-leakage model is not convenient, we show how to reach this goal by leveraging an extension of the Xor lemma. We also show how to leverage the IOS framework (CHES’21) in order to derive composable security directly in the noisy-leakage model. As a result, our bound relies on relaxed noise requirements characterized in a weaker metric than the so far state of the art (Crypto’24, ’19). Moreover, our new proof strategy allows us to derive a security bound for circuits masked with the first-order ISW compiler, for which the optimal noise requirement scales as \(\Theta\left(\left|\mathbb{F}\right|^{1/2}\right)\), whereas proofs using the random-probing model work in a regime of \(\mathcal{O}\left(\left|\mathbb{F}\right|\right)\). The latter contribution illustrates how some current design choices for masked implementations could be concretely affected: we exhibit two exemplary masked implementations such that the former one is more secure in the (more abstract) random-probing model, whereas the latter one is more secure in the (more realistic) noisy-leakage model.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- A major revision of an IACR publication in CRYPTO 2026
- Keywords
- MaskingNoisy leakageRandom ProbingXOR LemmaReductionLeakage Model
- Contact author(s)
-
julien beguinot @ uclouvain be
gianluca brian @ tu-darmstadt de
loic masure @ lirmm fr - History
- 2026-06-01: revised
- 2026-02-17: received
- See all versions
- Short URL
- https://ia.cr/2026/288
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2026/288,
author = {Julien Béguinot and Gianluca Brian and Loïc Masure},
title = {Bypassing the Random-Probing Model in Masking Security Proofs},
howpublished = {Cryptology {ePrint} Archive, Paper 2026/288},
year = {2026},
url = {https://eprint.iacr.org/2026/288}
}