In the last decade, an effort has been made by the research community to find efficient ways to thwart side channel analysis (SCA) against physical implementations of cryptographic algorithms. A common countermeasure for implementations of block ciphers is Boolean masking which randomizes the variables to be protected by the bitwise addition of one or several random value(s). However, advanced techniques called higher-order SCA attacks exist that overcome such a countermeasure. These attacks are greatly favored by the very nature of Boolean masking. In this paper, we revisit the affine masking initially introduced by Von Willich in 2001 as an alternative to Boolean masking. We show how to apply it to AES at the cost of a small timing overhead compared to Boolean masking. We then conduct an in-depth analysis pinpointing the leakage reduction implied by affine masking. Our results clearly show that the proposed scheme provides an excellent performance-security trade-off to protect AES against higher-order SCA.
Abstract. As the core operation of many public key cryptosystems, group exponentiation is central to cryptography. Attacks on its implementation in embedded device setting is hence of great concern. Recently, implementations resisting both simple side-channel analysis and fault attacks were proposed. In this paper, we go further and present an algorithm that also inherently thwarts differential side-channel attacks in finite abelian groups with only limited time and storage overhead.
We describe compositional architectures and certifications in the research project certMILS. Compositional architectures enable re-use of certified COTS (commercial off-the-shelf) components with a well-defined delegation of responsibilities between component developers and system integrators during cyber physical system design and certification. We show how we used a Common Criteria certified MILS (Multiple Independent Levels of Safety / Security) platform for compositional designs and IEC 62443-4-1/62443-4-2 security evaluations and certifications for composed systems from the domains of smart grid, railway, and subway, that are safety-and security-critical.I.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.