Praveen Kumar Vadnala
University of Luxembourg
Publication
Featured research published by Praveen Kumar Vadnala.
International Workshop on Constructive Side-Channel Analysis and Secure Design | 2012
Jean-Sébastien Coron; Christophe Giraud; Emmanuel Prouff; Soline Renner; Matthieu Rivain; Praveen Kumar Vadnala
To guarantee the security of a cryptographic implementation against side-channel attacks, a common approach is to formally prove the security of the corresponding scheme in a model that is as pertinent as possible. Nowadays, security proofs for masking schemes in the literature are usually conducted in models where only the manipulated data are assumed to leak. However, in practice the leakage is better modeled by encompassing the memory transitions, e.g. in the Hamming distance model. From this observation, a natural question is to decide to what extent a countermeasure proved secure in the first model stays secure in the second. In this paper, we look at this issue and show that it must definitely be taken into account. Indeed, we show that a countermeasure proved secure against second-order side-channel attacks in the first model becomes vulnerable to a first-order side-channel attack in the second model. Our results emphasize the issue of porting an implementation from devices leaking only on the manipulated data to devices leaking on the memory transitions.
Cryptographic Hardware and Embedded Systems | 2014
Jean-Sébastien Coron; Johann Großschädl; Praveen Kumar Vadnala
An effective countermeasure against side-channel attacks is to mask all sensitive intermediate variables with one or more random values. When a cryptographic algorithm involves both arithmetic and Boolean operations, it is necessary to convert from arithmetic masking to Boolean masking and vice versa. At CHES 2001, Goubin introduced two algorithms for secure conversion between arithmetic and Boolean masks, but his approach can only be applied to first-order masking. In this paper, we present and evaluate new conversion algorithms that are secure against attacks of any order. To convert masks of a size of \(k\) bits securely against attacks of order \(n\), the proposed algorithms have a time complexity of \(\mathcal{O}(n^2 k)\) in both directions and are proven to be secure in the Ishai, Sahai, and Wagner (ISW) framework for private circuits. We evaluate our algorithms using HMAC-SHA-1 as example and report the execution times we achieved on a 32-bit AVR microcontroller.
Fast Software Encryption | 2015
Jean-Sébastien Coron; Johann Großschädl; Mehdi Tibouchi; Praveen Kumar Vadnala
Space | 2013
Praveen Kumar Vadnala; Johann Großschädl
The Cryptographers’ Track at the RSA Conference | 2015
Junwei Wang; Praveen Kumar Vadnala; Johann Großschädl; Qiuliang Xu
A general technique to protect a cryptographic algorithm against side-channel attacks consists in masking all intermediate variables with a random value. For cryptographic algorithms combining Boolean operations with arithmetic operations, one must then perform conversions between Boolean masking and arithmetic masking. At CHES 2001, Goubin described a very elegant algorithm for converting from Boolean masking to arithmetic masking, with only a constant number of operations. Goubin also described an algorithm for converting from arithmetic to Boolean masking, but with \(\mathcal{O}(k)\) operations where k is the addition bit size. In this paper we describe an improved algorithm with time complexity \(\mathcal{O}(\log k)\) only. Our new algorithm is based on the Kogge-Stone carry look-ahead adder, which computes the carry signal in \(\mathcal{O}(\log k)\) instead of \(\mathcal{O}(k)\) for the classical ripple carry adder. We also describe an algorithm for performing arithmetic addition modulo \(2^k\) directly on Boolean shares, with the same complexity \(\mathcal{O}(\log k)\) instead of \(\mathcal{O}(k)\). We prove the security of our new algorithm against first-order attacks. Our algorithm performs well in practice, as for \(k=64\) we obtain a \(23\,\%\) improvement compared to Goubin’s algorithm.
International Workshop on Constructive Side-Channel Analysis and Secure Design | 2015
Praveen Kumar Vadnala; Johann Großschädl
Masking is a widely-used countermeasure to thwart Differential Power Analysis (DPA) attacks, which, depending on the involved operations, can be either Boolean, arithmetic, or multiplicative. When used to protect a cryptographic algorithm that performs both Boolean and arithmetic operations, it is necessary to change the masks from one form to the other in order to be able to unmask the secret value at the end of the algorithm. To date, known techniques for conversion between Boolean and arithmetic masking can only resist first-order DPA. This paper presents the first solution to the problem of converting between Boolean and arithmetic masking of second order. To set the context, we show that a straightforward extension of first-order conversion schemes to second order is not possible. Then, we introduce two algorithms to convert from Boolean to arithmetic masking based on the second-order provably secure S-box output computation method proposed by Rivain et al. (FSE 2008). The same can be used to obtain second-order secure arithmetic to Boolean masking. We prove the security of our conversion algorithms using similar arguments as Rivain et al. Finally, we provide implementation results of the algorithms on three different platforms.
The Cryptographers’ Track at the RSA Conference | 2017
Praveen Kumar Vadnala
Real-world software implementations of cryptographic algorithms need to be able to resist various kinds of side-channel attacks, in particular Differential Power Analysis (DPA). Masking is a widely-used countermeasure to protect block ciphers like the Advanced Encryption Standard (AES) against DPA attacks. The basic principle is to split all sensitive intermediate variables manipulated by the algorithm into two shares and process these shares separately. However, this approach still succumbs to higher-order DPA attacks, which exploit the joint leakage of a number of intermediate variables. A viable solution is to generalize masking such that at least \(d+1\) shares are used to protect against \(d\)-th order attacks. Unfortunately, all current higher-order masking schemes introduce a significant computational overhead compared to unmasked implementations. To facilitate the deployment of higher-order masking for the AES in practice, we developed a vector implementation of Coron et al.’s masking scheme (FSE 2012) for ARM NEON processors. After a comprehensive complexity analysis, we found that Coron et al.’s scheme with \(n\) shares for each sensitive variable needs \(\mathcal{O}(n^2)\) multiplications in the field GF(\(2^8\)) and \(\mathcal{O}(n^2)\) random-number generations. Both of these performance-critical operations are executed with only 15 instructions in our software, which is possible thanks to the rich functionality of the NEON instruction set. Our experimental results demonstrate that the performance penalty caused by the integration of higher-order masking is significantly lower than generally assumed and reported in previous papers. For example, our second-order DPA-protected AES (with three shares for each sensitive variable) is merely eight times slower than an unmasked baseline implementation that resists cache-timing attacks.
IACR Cryptology ePrint Archive | 2014
David Galindo; Johann Großschädl; Zhe Liu; Praveen Kumar Vadnala; Srinivas Vivek
Masking is an effective and widely-used countermeasure to thwart Differential Power Analysis (DPA) attacks on symmetric cryptosystems. When a symmetric cipher involves a combination of Boolean and arithmetic operations, it is necessary to convert the masks from one form to the other. There exist algorithms for mask conversion that are secure against first-order attacks, but they can not be generalized to higher orders. At CHES 2014, Coron, Großschädl and Vadnala (CGV) introduced a secure conversion scheme between Boolean and arithmetic masking of any order, but their approach requires \(d = 2t+1\)
Journal of Cryptographic Engineering | 2016
David Galindo; Johann Großschädl; Zhe Liu; Praveen Kumar Vadnala; Srinivas Vivek
Archive | 2015
Praveen Kumar Vadnala