DOMREP–An Orthogonal Countermeasure for Arbitrary Order Side-Channel and Fault Attack Protection

Abstract

Protection against physical attacks is a major requirement for cryptographic implementations on devices which can be accessed by attackers. Side-channel and fault injection attacks are the most common types of physical attacks. In this work we present a novel generic solution for simultaneous protection against side-channel and fault attacks with arbitrary order. We combine domain oriented masking and repetition codes in an orthogonal way and call this approach DOMREP. The resistance against side-channel attacks and fault attacks can be scaled independently of each other, for the protection against higher-order side-channel analysis and the injection of multiple faults including SIFA. We develop the generic concept of orthogonal protection, and implement the DOMREP concept on GIMLI, a round two NIST LWC competition candidate, on a Xilinx Artix-7 FPGA. Our implementation of GIMLI is verified to be resistant against univariate first-order side-channel attacks by TVLA. The resistance against SIFA is verified by means of fault emulation of single as well as multiple bit faults. Our implementation of GIMLI achieves the expected security level according to these measurements. We also provide numbers for the area overhead for our protected implementation of GIMLI.