Variety of Scalable Shuffling Countermeasures against Side Channel Attacks

Veshchikov, Nikita; Medeiros, Stephane Fernandes; Lerman, Liran

doi:10.13052/jcsm2245-1439.532

Cited by 4 publications

(5 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• Random Start Index (RSI): In this approach, the starting index of operations is randomized [17]. Each time the operations are executed, a different starting point is chosen, leading to varying execution orders and introducing additional variability.…”

Section: A Shuffling Countermeasuresmentioning

confidence: 99%

“…• Reverse Shuffle (RS): This method allows the selection of either a forward or reverse execution order for the operations [17]. By enabling the reverse direction as an option, it introduces further randomness in the order of operations, making it more challenging to establish patterns.…”

Section: A Shuffling Countermeasuresmentioning

confidence: 99%

“…• Sweep Swap Shuffle (SSS): This technique expands the operation sequence into a matrix form and performs the operations based on row or column order [17]. By reshaping the operation sequence and executing based on row or column order, it introduces randomness in the execution order.…”

Section: A Shuffling Countermeasuresmentioning

confidence: 99%

See 2 more Smart Citations

Systematization of Shuffling Countermeasures: With an Application to CRYSTALS-Dilithium

Lee,

Han,

Lee

et al. 2023

IEEE Access

View full text Add to dashboard Cite

Shuffling is an essential countermeasure employed during the implementation of cryptographic algorithms to mitigate vulnerabilities against side-channel attacks, regardless of the algorithm's nature. However, a comprehensive and structured shuffling framework has yet to be established, resulting in the need for developers to create customized solutions adapted to their specific algorithmic or operational requirements. This research paper introduces an innovative and systematic shuffling framework, providing developers with a set of guidelines to effectively select suitable shuffling methodologies aligned with their specific objectives. Additionally, we illustrate the application of this framework to the CRYSTALS-Dilithium signature algorithm, a finalist in NIST's Post-Quantum Cryptography (PQC) standardization process. By leveraging our framework, we devise shuffling countermeasures and present an extensive array of twelve shuffling schemes. For each scheme, shuffling schemes are applied universally to all operations involving any confidential data, regardless of existence of known attacks targeting corresponding data. We also measured the performance of implementations of our shuffling schemes, the minimal overhead is 12.4%.INDEX TERMS Side-channel countermeasure, hiding countermeasure, shuffling countermeasure, horizontal shuffling, vertical shuffling.

show abstract

Section: A Shuffling Countermeasuresmentioning

confidence: 99%

Section: A Shuffling Countermeasuresmentioning

confidence: 99%

See 1 more Smart Citation

Systematization of Shuffling Countermeasures: With an Application to CRYSTALS-Dilithium

Lee,

Han,

Lee

et al. 2023

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Namely the shuffling prevents a second-order DPA attack against the SBOX masking countermeasure; the authors can then quantify the efficiency of the main attack paths. The authors of [VMKS12] improve the software implementation of random permutation shuffling, with an efficient permutation generator; see also [VML16,Pap18] for a description of shuffling countermeasures with low randomness usage. The main attack against the shuffling countermeasure is the "integrated DPA" introduced in [CCD00]; it consists in summing the signal over a sliding window.…”

Section: Related Workmentioning

confidence: 99%

Secure Wire Shuffling in the Probing Model

Coron

Spignoli

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

In this paper we describe the first improvement of the wire shuffling countermeasure against side-channel attacks described by Ishai, Sahai and Wagner at Crypto 2003. More precisely, we show how to get worst case statistical security against t probes with running time O(t) instead of O(t log t); our construction is also much simpler. Recall that the classical masking countermeasure achieves perfect security but with running time O(t 2 ). We also describe a practical implementation for AES that outperforms the masking countermeasure for t ≥ 6 000.

show abstract

“…Charvillon et al [VMKS12] have analyzed the security provided by shuffling, in addition to investigating several implementation techniques. Motivated by the increased cost of RNG, Veshchikov et al [VML16] investigated cheaper shuffling methods. We will refer to a permutation that shuffles n independent operations of a specific cipher layer as P {o1,...,on} n , where o i the ith operation in the layer.…”

Section: Background and Related Workmentioning

confidence: 99%

Low Randomness Masking and Shuffling: An Evaluation Using Mutual Information

Papagiannopoulos

2018

TCHES

View full text Add to dashboard Cite

Side-channel countermeasure designers often face severe performance overheads when trying to protect a device. Widely applied countermeasures such as masking and shuffling entail generating a large amount of random numbers, which can result in a computational bottleneck. To mitigate the randomness cost, this work evaluates low-randomness versions of both masking and shuffling, namely Recycled Randomness Masking (RRM) and Reduced Randomness Shuffling (RRS). These countermeasures employ memory units to store generated random numbers and reuse them in subsequent computations,making them primarily suitable for implementation on devices with sufficient memory. Both RRM and RRS are evaluated using the MI-based framework in the context of horizontal attacks. The evaluation exhibits the tradeoff between the randomness cost and the noisy leakage security level offered by the countermeasures, enabling the designer to fine-tune a masking or shuffling scheme and maximize the security level achieved for a certain cost.

show abstract

Variety of Scalable Shuffling Countermeasures against Side Channel Attacks

Cited by 4 publications

References 18 publications

Systematization of Shuffling Countermeasures: With an Application to CRYSTALS-Dilithium

Systematization of Shuffling Countermeasures: With an Application to CRYSTALS-Dilithium

Secure Wire Shuffling in the Probing Model

Low Randomness Masking and Shuffling: An Evaluation Using Mutual Information

Contact Info

Product

Resources

About