by UCLouvain,
Masking is a popular countermeasure against side-channel attacks. The principle of the method consists in splitting every sensitive value into a given number of shares, which are then manipulated independently. Intuitively, this aims at making the recovery of any value increasingly hard as the number of shares grows.
One appealing property is that the security of masking can be proven theoretically, which makes it possible to establish the security of an implementation rigorously.
Unfortunately, the gap between theory and practice is challenging: physical effects arising in this gap are detrimental to security.
- The first of these effects is the propagation of glitches, a normal phenomenon in digital electronics caused by differing propagation times in the underlying hardware. Their impact on masking is that they break some of its security requirements. Glitches can be stopped by registers, but this solution comes at the cost of additional latency.
- A second effect arises from transitions in registers. Replacing a value with another can reveal information about both of them. As with glitches, this weakness can be addressed by spending additional latency. We also note that other effects, such as coupling between wires, can affect security, yet determining how they do so remains an open challenge.
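As an added illustration (not code from this post or from the REWIRE paper), the following Python toy model shows both points above: with Boolean masking, any single share is uniformly random and its Hamming weight says nothing about the secret, whereas a register transition between two shares of the same value leaks their Hamming distance, which with two shares equals the Hamming weight of the secret itself. The 8-bit width, the leakage models and the seeded generator are constructed for the example.

```python
"""Toy model of Boolean masking and of register-transition leakage."""
import operator
import random
from functools import reduce

BITS = 8  # width of the masked values in this constructed example


def share(x: int, n: int, rng: random.Random) -> list[int]:
    """Split x into n Boolean shares: x == s[0] ^ s[1] ^ ... ^ s[n-1]."""
    s = [rng.getrandbits(BITS) for _ in range(n - 1)]
    s.append(x ^ reduce(operator.xor, s, 0))
    return s


def unshare(shares: list[int]) -> int:
    """Recombine the shares into the sensitive value."""
    return reduce(operator.xor, shares, 0)


def hw(v: int) -> int:
    """Hamming weight: a common leakage model for a value held in a register."""
    return bin(v).count("1")


def hd(old: int, new: int) -> int:
    """Hamming distance: a common leakage model for a register update."""
    return hw(old ^ new)


def sharing_is_correct(x: int, n: int, seed: int = 3) -> bool:
    """Sanity check: recombining the shares gives x back."""
    return unshare(share(x, n, random.Random(seed))) == x


def leakage_by_secret(x: int, n: int, trials: int, seed: int = 1):
    """Average two observations over fresh sharings of the same secret x:
    (1) the Hamming weight of share 0 alone (a single probe), and
    (2) the Hamming distance when a register holding share 0 is overwritten
        with share 1 (a transition).  Returns (mean_hw, mean_hd).
    With n == 2 the transition is deterministic: hd(s0, s1) == hw(x).
    With n >= 3 it equals hw(x ^ s2 ^ ...), so the transition merges two
    shares into one observation and lowers the security order by one."""
    rng = random.Random(seed)
    tot_hw = tot_hd = 0
    for _ in range(trials):
        s = share(x, n, rng)
        tot_hw += hw(s[0])
        tot_hd += hd(s[0], s[1])
    return tot_hw / trials, tot_hd / trials
```

Comparing the means for x = 0x00 and x = 0xFF shows that the single-share observation stays near 4 in both cases while the two-share transition gives 0 and 8 respectively.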
Resolving the challenge of robust masking against physical defaults is ongoing work in the community, extending both its theoretical and practical aspects. In the framework of REWIRE, we proposed what is, to the best of our knowledge, the first single-cycle masked multiplication gadget that is trivially composable and secure against both transitions and glitches, and we proved its security in the robust probing model. We then analyzed the interest of this new gadget for the secure implementation of the future lightweight cryptography standard Ascon, which has good potential for low latency.
The related research and results showed that using the gadget directly leads to improvements for uniformly protected implementations, which use masking for all computations. The results are especially interesting for its integration in so-called leveled implementations, where it introduces no latency overhead and remains cost-effective. The research findings were evaluated on different protected implementations of Ascon, clarifying its hardware design space. With Ascon selected as the winner of the lightweight cryptography competition, and with a structure well suited to achieving low latency, the design space is open for a low-latency implementation robust against both glitches and transitions.
As part of REWIRE, this is the gap we bridge by designing a new masking scheme in our recent work “Low-Latency Masked Gadgets Robust against Physical Defaults with Application to Ascon”. Curious? Do not hesitate to have a look at the paper.