Linear Repairing Codes and Side-Channel Attacks

Chabanne, Hervé; Maghrebi, Houssem; Prouff, Emmanuel

doi:10.46586/tches.v2018.i1.118-141

Cited by 8 publications

(5 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For the first time, we quantify the impact of combining different public points in SSS-based masking in the context of side-channel analysis and show that more shares leak more information (given a specific t). In particular, our coding-theoretic approach can exactly depict the observations made in [CMP18]. Using MI, we present the quantitative results of information leakages in SSS-based masking, which again validate our unified approach.…”

Section: Optimal Public Points For Sss-based Polynomial Maskingsupporting

confidence: 62%

“…As observed in [CMP18], the public points in SSS play a significant role in the sidechannel resistance of SSS-based masking schemes. In fact, this problem of public points is inherent in the SSS scheme and can be dated back to Massey [Mas93] who claimed that SSS scheme "can be attacked with the well-developed tools of algebraic coding theory".…”

Section: Public Points In Sss and Polynomial Maskingmentioning

confidence: 91%

“…We recall the (n, t)-SSS scheme by mainly referring to [CMP18,CRZ13]. Let X ∈ K again be the secret and can be split into n shares such that no tuple of shares with cardinality lower than t depends on X.…”

Section: Connecting Sss Scheme To the Rs Codementioning

confidence: 99%

“…Definition 8 (Reed-Solomon Code [CMP18]). The Reed-Solomon code RS(S, t + 1) ⊂ K n of dimension t + 1 over a finite field K and with evaluation subset S = {α 0 , α 1 , .…”

Section: Connecting Sss Scheme To the Rs Codementioning

confidence: 99%

See 3 more Smart Citations

Information Leakages in Code-based Masking: A Unified Quantification Approach

Cheng

Guilley

Carlet

et al. 2021

TCHES

View full text Add to dashboard Cite

This paper presents a unified approach to quantifying the information leakages in the most general code-based masking schemes. Specifically, by utilizing a uniform representation, we highlight first that all code-based masking schemes’ side-channel resistance can be quantified by an all-in-one framework consisting of two easy-tocompute parameters (the dual distance and the number of conditioned codewords) from a coding-theoretic perspective. In particular, we use signal-to-noise ratio (SNR) and mutual information (MI) as two complementary metrics, where a closed-form expression of SNR and an approximation of MI are proposed by connecting both metrics to the two coding-theoretic parameters. Secondly, considering the connection between Reed-Solomon code and SSS (Shamir’s Secret Sharing) scheme, the SSS-based masking is viewed as a particular case of generalized code-based masking. Hence as a straightforward application, we evaluate the impact of public points on the side-channel security of SSS-based masking schemes, namely the polynomial masking, and enhance the SSS-based masking by choosing optimal public points for it. Interestingly, we show that given a specific security order, more shares in SSS-based masking leak more information on secrets in an information-theoretic sense. Finally, our approach provides a systematic method for optimizing the side-channel resistance of every code-based masking. More precisely, this approach enables us to select optimal linear codes (parameters) for the generalized code-based masking by choosing appropriate codes according to the two coding-theoretic parameters. Summing up, we provide a best-practice guideline for the application of code-based masking to protect cryptographic implementations.

show abstract

Section: Optimal Public Points For Sss-based Polynomial Maskingsupporting

confidence: 62%

Section: Public Points In Sss and Polynomial Maskingmentioning

confidence: 91%

Section: Connecting Sss Scheme To the Rs Codementioning

confidence: 99%

“…Definition 8 (Reed-Solomon Code [CMP18]). The Reed-Solomon code RS(S, t + 1) ⊂ K n of dimension t + 1 over a finite field K and with evaluation subset S = {α 0 , α 1 , .…”

Section: Connecting Sss Scheme To the Rs Codementioning

confidence: 99%

See 2 more Smart Citations

Information Leakages in Code-based Masking: A Unified Quantification Approach

Cheng

Guilley

Carlet

et al. 2021

TCHES

View full text Add to dashboard Cite

show abstract

“…Byte transitions can be taken into consideration if, for instance, 256 2 = 65536 templates are profiled on the pair of (initial, final) values. During the attack phase, we leverage an adaption of the Gaussian mixture model as in [CMP18,CS21] by using real measurements. We choose one Point of Interest (POI) for each share and the selection strategy is to designate the one which has the largest and most consistent Signal-to-Noise Ratio (SNR), which is defined for each share as in [DFS15].…”

Section: Evaluation Strategy and Experimental Setupmentioning

confidence: 99%

On Efficient and Secure Code-based Masking: A Pragmatic Evaluation

Cheng

Guilley

et al. 2022

TCHES

View full text Add to dashboard Cite

Code-based masking is a highly generalized type of masking schemes, which can be instantiated into specific cases by assigning different encoders. It captivates by its side-channel resistance against higher-order attacks and the potential to withstand fault injection attacks. However, similar to other algebraically-involved masking schemes, code-based masking is also burdened with expensive computational overhead. To mitigate such cost and make it efficient, we contribute to several improvements to the original scheme proposed by Wang et al. in TCHES 2020. Specifically, we devise a computationally friendly encoder and accordingly accelerate masked gadgets to leverage efficient implementations. In addition, we highlight that the amortization technique introduced by Wang et al. does not always lead to efficient implementations as expected, but actually decreases the efficiency in some cases.From the perspective of practical security, we carry out an extensive evaluation of the concrete security of code-based masking in the real world. On one hand, we select three representative variations of code-based masking as targets for an extensive evaluation. On the other hand, we aim at security assessment of both encoding and computations to investigate whether the state-of-the-art computational framework for code-based masking reaches the security of the corresponding encoding. By leveraging both leakage assessment tool and side-channel attacks, we verify the existence of “security order amplification” in practice and validate the reliability of the leakage quantification method proposed by Cheng et al. in TCHES 2021. In addition, we also study the security decrease caused by the “cost amortization” technique and redundancy of code-based masking. We identify a security bottleneck in the gadgets computations which limits the whole masked implementation. To the best of our knowledge, this is the first time that allows us to narrow down the gap between the theoretical security order under the probing model (sometimes with simulation experiments) and the concrete side-channel security level of protected implementations by code-based masking in practice.

show abstract