CAPA: The Spirit of Beaver Against Physical Attacks

Reparaz, Oscar; Meyer, Lauren De; Bilgin, Begül; Arribas, Víctor; Nikova, Svetla; Nikov, Ventzislav; Smart, Nigel P.

doi:10.1007/978-3-319-96884-1_5

Cited by 28 publications

(26 citation statements)

References 63 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It may be finally mentioned that although we illustrate the power of FTA* on TI, which is based on secret sharing schemes and masking to prevent side channel analysis, the attack principle can be extended to other circuits which try to hide information using similar principles. For example schemes like [19] try to combine concepts of multi-party computation and masking to provide protections against both side channels and fault attacks. The protection is divided into multiple tiles, each operating as a party for an intended computation (say an AND-gate) in a secured fashion such that even if the adversary can induce faults in multiple locations but close proximity of the chip, the masks protect the actual data from being revealed.…”

Section: Resultsmentioning

confidence: 99%

Faultless to a fault?

Mukhopadhyay

2020

Proceedings of the 39th International Conference on Computer-Aided Design

View full text Add to dashboard Cite

Section: Resultsmentioning

confidence: 99%

Faultless to a fault?

Mukhopadhyay

2020

Proceedings of the 39th International Conference on Computer-Aided Design

View full text Add to dashboard Cite

“…As a result, the combined security notion needs to capture the probability of an adversary breaking the correctness of a gadget given several faults and probes. In this work we only propose countermeasures where the correctness can not be broken, to give an example of a countermeasure for which this probability is non-trivial we refer the reader to the CAPA countermeasure [30]. Apart from guaranteeing the correctness of a gadget, we also guarantee its sensitive variable privacy for which we use simulation based arguments similar to non-interference.…”

Section: Composable Notions Of Securitymentioning

confidence: 99%

“…They consider an adversary who faults up to a given number of gates and consider compositional security, i.e., they look at the propagation of faults in their components. Previous works looked at adversaries faulting and reading separate wires, the work of CAPA [30] considers stronger adversaries. They use multiparty computation to provide provable security against combined attacks by proposing a new adversary model, the tile probe-and-fault model.…”

Section: Introductionmentioning

confidence: 99%

My Gadget Just Cares for Me - How NINA Can Prove Security Against Combined Attacks

Dhooghe

Nikova

2020

Topics in Cryptology – CT-RSA 2020

Self Cite

View full text Add to dashboard Cite

Differential Power Analysis and Differential Fault Analysis threaten the security of even the most trustworthy cryptographic primitives. It is important we protect their implementation such that no sensitive information is leaked using side channels and it withstands injected faults or combined physical attacks. In this work, we propose security notions tailored against advanced physical attacks consisting of both faults and probes on circuit wires. We then transform the security notions to composable security notions. The motivation for this research includes the ease of verification time; the creation of secure components; and the isolation of primitives in larger protocols such as modes of operations. We dub our notion NINA, which forms the link between the established Non-Interference (NI) property and our composable active security property, Non-Accumulation (NA). To illustrate the NINA property, we use it to prove the security of two multiplication gadgets: an error checking duplication gadget and an error correcting duplication gadget. The NINA proofs for error detecting gadgets capture the effect of Statistical Ineffective Fault Analysis (SIFA), an attack vector which threatens most current masked implementations. Additionally, we study error correcting techniques. We show that error correcting gadgets can attain the Independent NINA property. A stronger property which captures a clear separation between the effect of faults and probes. Thus, we show that clever error correcting gadgets improve on error detecting ones by achieving significant higher levels of combined security along with guaranteed output delivery.

show abstract

“…Schneider et al [29] introduce a countermeasure for cryptographic hardware implementations that combines the concept of threshold implementation with an error detecting approach. Similarly to this, Reparaz et al [27] propose a countermeasure that claims security against higher-order SCA, multiple-shot DFA and also combined attacks.…”

Section: Related Workmentioning

confidence: 99%

Friet: An Authenticated Encryption Scheme with Built-in Fault Detection

Simon

Batina

Daemen

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

In this work we present a duplex-based authenticated encryption scheme Friet based on a new permutation called Friet-P. We designed Friet-P with a novel approach for cryptographic permutations and block ciphers that takes fault-attack resistance into account and that we introduce in this paper. In this method, we build a permutation fC to be embedded in a larger one, f. First, we define f as a sequence of steps that all abide a chosen error-correcting code C, i.e., that map C-codewords to C-codewords. Then, we embed fC in f by first encoding its input to an element of C, applying f and then decoding back from C. This last step detects a fault when the output of f is not in C. We motivate the design of the permutation we use in Friet and report on performance in soft-and hardware. We evaluate the fault-detection capabilities of the software and simulated hardware implementations with attacks. Finally, we perform a leakage evaluation.

show abstract

CAPA: The Spirit of Beaver Against Physical Attacks

Cited by 28 publications

References 63 publications

Faultless to a fault?

Faultless to a fault?

My Gadget Just Cares for Me - How NINA Can Prove Security Against Combined Attacks

Friet: An Authenticated Encryption Scheme with Built-in Fault Detection

Contact Info

Product

Resources

About