Further Improving Efficiency of Higher Order Masking Schemes by Decreasing Randomness Complexity.

Provably secure masking schemes always require too many random generations, which significantly increases the implementation cost. ... In the scope of higher-order masking, randomness reduction is a crucial and tough task. ... As the ZQZ-2 scheme is obtained by decreasing the randomness of the ZQZ-1 scheme, the ZQZ-2 scheme cannot achieve TNI, either. ...

dblp:journals/iacr/Qiu0ZC17 fatcat:bonefhf2rvbqljabgaxd7tdbea

We disprove their first claim by exhibiting a first order flaw that is present in their first proposed algorithm scheme at all orders. ... We put their second claim into question by showing that their proposed algorithm, as published, is not well-defined at all orders, making use of variables before defining them. ... Their proposed algorithm-if it improves time complexity-does not, however, improve on the randomness complexity of the simpler option of simply composing a gadget for and a multiplication gadget, taking ...

dblp:journals/iacr/BartheDG17 fatcat:l6r54w5novbtteoj3ljs44inma

In order to show its practical implications, we replace the linear operations of state-of-the-art first-order AES masking schemes with our proposal, while keeping their original non-linear operations unchanged ... Considering the high tackling complexity of non-linear operations, most masked AES implementations focus on the security and cost reduction of masked S-boxes. ... Authors' contributions JM and YZ proposed the first-order AES masking scheme, and drafted the manuscript. HL participated in problem discussions and improvements of the manuscript. ...

doi:10.1186/s42400-021-00082-w fatcat:plvsycs6fnf27hd77haxy5gviq

DOAJ

Some recent works have explored masking schemes with higher algebraic complexity and have shown that they provide more security than Boolean masking at the cost of higher overheads. ... In this work we explore a security versus efficiency tradeoff and provide an improved and tweaked inner product masking. ... improve the presentation of our work. ...

doi:10.1007/978-3-662-46800-5_19 fatcat:3du5qoguzjhwtcjvpnpic2igiq

We moreover extend the approach with the use of higher-order masking and we show that it enables to significantly improve the security level of such a scheme. ... Based on this analysis, we design a generic scheme combining higher-order masking and shuffling. ... Generation of T Input: parameters (d, L) and a n -bit permutation π with q = log 2 ((d + 1)L) Output: indices permutation table T ...

doi:10.1007/978-3-642-04138-9_13 fatcat:6wi3i6gs2zde5cib4w55fkdvmi

To mitigate such cost and make it efficient, we contribute to several improvements to the original scheme proposed by Wang et al. in TCHES 2020. ... It captivates by its side-channel resistance against higher-order attacks and the potential to withstand fault injection attacks. ... Acknowledgments This work was also supported in part by National Key The authors sincerely thank the anonymous reviewers for their valuable comments, which significantly improved the quality of the paper ...

doi:10.46586/tches.v2022.i3.192-222 fatcat:mdbtgyjxg5dijbmoppk33zqrve

DOAJ OJS

Side-channel analysis is one of the most efficient techniques available to an attacker to break the security of a cryptographic device. ... In this paper, we describe a set of dedicated countermeasures protecting against EM analysis and validate them with real experimental campaigns on a Xilinx FPGA. ... Masking schemes are also employed, in order to improve the robustness of the design and illustrate the compatibility of the proposed solution with established protection schemes already known in the literature ...

doi:10.1109/reconfig.2013.6732274 dblp:conf/reconfig/MaistriTMKL13 fatcat:kfczw6tnobbvjfu5j6ztqmwqim

Further, based on the novel cryptosystem, a higher-order masking scheme was developed by constructing an extension Ishai-Sahai-Wagne (ISW) masking scheme. ... To address this problem, a higher-order masking scheme for a McEliece cryptosystem based on the quasi-dyadic moderate density parity check (QD-MDPC) code has been proposed. ... We then design a higher-order masking scheme by constructing an extension of the ISW masking scheme. ...

doi:10.3837/tiis.2019.02.033 fatcat:h3yvlbjywjc5hixygygj6j7ozi

This situation has motivated the research for efficient schemes that apply higher-order masking with minimal performance overheads. ... In this paper, we present a generic method to find a Boolean representation of an s-box with efficient bitsliced higher-order masking. ... While designing a higher-order masking scheme for a given blockcipher, the main issue is the secure and efficient computation of the s-box. ...

doi:10.1007/978-3-662-53140-2_22 fatcat:ccqw57qwlrg6lnzscns4wg4sz4

Several masking schemes, applicable for arbitrary orders, have been recently introduced. ... The main issue while applying masking to protect a block cipher implementation is to specify an efficient scheme to secure the s-box computations. ... The analysis in [10] has been further improved by Roy and Vivek in [59] , where it is in particular shown that the masking complexity of the DES s-boxes is lower bounded by 3. ...

doi:10.1007/978-3-662-49301-4_20 fatcat:7vcwvps2sjglzkzscju47gshqa

This has elevated the need for improved designs by embodying countermeasures, with masking being the most prominent example. ... To formally verify the security of a masking scheme, numerous attack models have been developed to capture the physical properties of the information leakage as well as the capabilities of the adversary ... This masking scheme was proposed by Balasch et al. in [9] , and further improved and extended in [7] and [8] . ...

arXiv:2106.12714v2 fatcat:djqmxdobv5e3becegkmscz2zae

Open Access Multiple Versions

The parallelisations proposed also complement the addition of first-order masking to the decapsulation module. ... This process is eased by the use of Trivium due to its higher throughput and lower area consumption. ... Acknowledgements This research was partially funded by the Innovate UK Project 105747 (Hardware assisted post-quantum cryptography for embedded system devices), the EPSRC via Grant EP/N011635/1 (LADA), ...

doi:10.1007/s13389-021-00258-7 fatcat:l6e2vgyutzhv3jid7as75majcu

Open Access

On the one hand, extractors can be efficiently implemented and protected with masking. On the other hand, they provide adversaries with many more exploitable leakage samples than, e.g. block ciphers. ... Postdoctoral researcher funded by the 7th framework European project TAMPRES. Associate researcher of the Belgian Fund for Scientific Research (FNRS-F.R.S.). ... As higher-order masking schemes leading to efficient hardware implementations remain an open problem, we restrict the S-box evaluations to first-order masking 1 . ...

doi:10.1007/978-3-642-23951-9_17 fatcat:2fx4snstlnaeph5rbyu4nn5zm4

Finally it concludes few ideas on the future scope and challenging issues in this scheme. ... This paper present a review on the concept of Interleave Division Multiple Access (IDMA) which exploits the interleaving as only means of user separation. ... We have outlined the basic principles of IDMA and have assumed that there are many horizons open for further improvements and testing of IDMA such as in interleaving scheme for memory optimization, improvement ...

doi:10.9790/2834-09366672 fatcat:jxbwcrwezrcmrfmelrfc5e5yya

Rotating Sbox Masking (RSM) scheme is a highly efficient masking scheme proposed to protect cryptographic implementations from side channel attacks. ... Finally, we present one proposal to further improve the practical security of RSM-AES-128 at an acceptable overhead. ... evaluation report released by DPA Contest v4.2 [17] ). 5 Proposal for Further Improving RSM-AES-128 RSM scheme is a first-order masking scheme which featured with high efficiency and low overhead, even ...

dblp:journals/iacr/ChengZCZ0GS17 fatcat:2aubmduuvvfnlbgl7azcoahf34

Corrections to "Further Improving Efficiency of Higher-Order Masking Schemes by Decreasing Randomness Complexity" [article]

Preserved Fulltext

A Note on 'Further Improving Efficiency of Higher-Order Masking Scheme by Decreasing Randomness Complexity' [article]

Preserved Fulltext

A secure and highly efficient first-order masking scheme for AES linear operations

Preserved Fulltext

Inner Product Masking Revisited [chapter]

Preserved Fulltext

Higher-Order Masking and Shuffling for Software Implementations of Block Ciphers [chapter]

Preserved Fulltext

On Efficient and Secure Code-based Masking: A Pragmatic Evaluation

Preserved Fulltext

Countermeasures against EM analysis for a secured FPGA-based AES implementation

Preserved Fulltext

Higher-Order Masking Scheme against DPA Attack in Practice: McEliece Cryptosystem Based on QD-MDPC Code

Preserved Fulltext

On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking [chapter]

Preserved Fulltext

Polynomial Evaluation and Side Channel Analysis [chapter]

Preserved Fulltext

Circuit Masking: From Theory to Standardization, A Comprehensive Survey for Hardware Security Researchers and Practitioners [article]

Preserved Fulltext

Other Versions

Exploring Parallelism to Improve the Performance of FrodoKEM in Hardware

Preserved Fulltext

Extractors against Side-Channel Attacks: Weak or Strong? [chapter]

Preserved Fulltext

Comparative Study of Interleaves in Communication System: IDMA Overview

Preserved Fulltext

How Far Can We Reach? Breaking RSM-Masked AES-128 Implementation Using Only One Trace [article]

Preserved Fulltext