Masking proofs are tight and how to exploit it in security evaluations
V Grosso, FX Standaert - … in Cryptology–EUROCRYPT 2018: 37th Annual …, 2018 - Springer
Evaluating the security level of a leaking implementation against side-channel attacks is a
challenging task. This is especially true when countermeasures such as masking are …
challenging task. This is especially true when countermeasures such as masking are …
Not so Difficult in the End: Breaking the Lookup Table-Based Affine Masking Scheme
The lookup table-based masking countermeasure is prevalent in real-world applications due
to its potent resistance against side-channel attacks and low computational cost. The …
to its potent resistance against side-channel attacks and low computational cost. The …
Connecting and improving direct sum masking and inner product masking
Abstract Direct Sum Masking (DSM) and Inner Product (IP) masking are two types of
countermeasures that have been introduced as alternatives to simpler (eg, additive) …
countermeasures that have been introduced as alternatives to simpler (eg, additive) …
Higher-Order Masked Saber
A Karmakar, I Verbauwhede - … (SA), Italy, September 12–14, 2022 …, 2022 - books.google.com
Side-channel attacks are formidable threats to the cryptosystems deployed in the real world.
An effective and provably secure countermeasure against side-channel attacks is masking …
An effective and provably secure countermeasure against side-channel attacks is masking …
Side-channel indistinguishability
We introduce a masking strategy for hardware that prevents any side-channel attacker from
recovering uniquely the secret key of a cryptographic device. In this masking scheme …
recovering uniquely the secret key of a cryptographic device. In this masking scheme …
maskVerif: Automated analysis of software and hardware higher-order masked implementations
Power and electromagnetic based side-channel attacks are serious threats against the
security of cryptographic embedded devices. In order to mitigate these attacks …
security of cryptographic embedded devices. In order to mitigate these attacks …
Second-order SCA security with almost no fresh randomness
AR Shahmirzadi, A Moradi - IACR Transactions on Cryptographic …, 2021 - tches.iacr.org
Masking schemes are among the most popular countermeasures against Side-Channel
Analysis (SCA) attacks. Realization of masked implementations on hardware faces several …
Analysis (SCA) attacks. Realization of masked implementations on hardware faces several …
A generic TC-based method to find the weakness in different phases of masking schemes
M Tang, Y Li, Y Li, P Wang, D Zhao… - Tsinghua Science …, 2018 - ieeexplore.ieee.org
Masking is one of the most commonly used Side-Channel Attack (SCA) countermeasures
and is built on a security framework, such as the ISW framework, and ensures theoretical …
and is built on a security framework, such as the ISW framework, and ensures theoretical …
Quasi-linear masking to protect against both SCA and FIA
The implementation of cryptographic algorithms must be protected against physical attacks.
Side-channel and fault injection analyses are two prominent such implem\-entation-level …
Side-channel and fault injection analyses are two prominent such implem\-entation-level …
Bitslice masking and improved shuffling: How and when to mix them in software?
M Azouaoui, O Bronchain, V Grosso… - IACR Transactions on …, 2022 - hal.science
We revisit the popular adage that side-channel countermeasures must be combined to be
efficient, and study its application to bitslice masking and shuffling. Our contributions are …
efficient, and study its application to bitslice masking and shuffling. Our contributions are …