Breaking masked implementations with many shares on 32-bit software platforms: or when the security order does not matter
O Bronchain, FX Standaert - IACR Transactions on Cryptographic …, 2021 - tches.iacr.org
We explore the concrete side-channel security provided by state-of-the-art higher-order
masked software implementations of the AES and the (candidate to the NIST Lightweight …
Trivially and efficiently composing masked gadgets with probe isolating non-interference
G Cassiers, FX Standaert - IEEE Transactions on Information …, 2020 - ieeexplore.ieee.org
We revisit the analysis and design of masked cryptographic implementations to prevent
side-channel attacks. Our starting point is the (known) observation that proving the security of a …
Maskednet: The first hardware inference engine aiming power side-channel protection
Differential Power Analysis (DPA) has been an active area of research for the past two
decades to study the attacks for extracting secret information from cryptographic …
Formal security proofs via Doeblin coefficients: optimal side-channel factorization from noisy leakage to random probing
Masking is one of the most popular countermeasures to side-channel attacks, because it can
offer provable security. However, depending on the adversary's model, useful security …
Effective and efficient masking with low noise using small-mersenne-prime ciphers
Embedded devices used in security applications are natural targets for physical attacks.
Thus, enhancing their side-channel resistance is an important research challenge. A …
Second-order low-randomness d+1 hardware sharing of the AES
S Dhooghe, AR Shahmirzadi, A Moradi - Proceedings of the 2022 ACM …, 2022 - dl.acm.org
In this paper, we introduce a second-order masking of the AES using the minimal number of
shares and a total of 1268 bits of randomness including the sharing of the plaintext and key …
Efficient and private computations with code-based masking
Code-based masking is a very general type of masking scheme that covers Boolean
masking, inner product masking, direct sum masking, and so on. The merits of the …
Challenges and opportunities of security-aware EDA
J Feldtkeller, P Sasdrich, T Güneysu - ACM Transactions on Embedded …, 2023 - dl.acm.org
The foundation of every digital system is based on hardware in which security, as a core
service of many applications, should be deeply embedded. Unfortunately, the knowledge of …
Towards tight random probing security
Proving the security of masked implementations in theoretical models that are relevant to
practice and match the best known attacks of the side-channel literature is a notoriously hard …
Connecting Leakage-Resilient Secret Sharing to Practice: Scaling Trends and Physical Dependencies of Prime Field Masking
Symmetric ciphers operating in (small or mid-size) prime fields have been shown to be
promising candidates to maintain security against low-noise (or even noise-free) side …