Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes

Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai-Sahai-Wagner scheme, is one of the most acceptable secure models of the existing d th-order masking schemes, where d represents the masking order and plays the role of a security parameter. However, a gap may exist between scheme and design. Several analyses have determined that the glitch has been regarded as the main challenge of masking in hardware designs. A practical method of locating the precise position of leakage points (LPs) in the original hardware design is very rare. Existing research on this glitch mainly focuses on the first-order leakages; however, higher-order analysis can combine several shares to recover the secret key. In this paper, we propose a practical method, sensitive glitch location (SGL) method to locate the less order leakage in hardware design. Specifically, the SGL method can locate any-order of LP in the hardware implementation of d th-order masking schemes. We conducted experiments and verified that the time complexity of SGL on the d th-order masking schemes is {O(nm)} , where m is the number of signals and n is the number of shares in masking scheme. It can therefore be regarded as an efficient tool for the masking designs. In addition, we analyzed the d th-order masking scheme proposed by Rivain and Prouff (2010) along with the SecMult algorithm from the Rivain-Prouff countermeasure, which has been analyzed by our SGL. The experimental results verified that a higher-order leakage may exist in certain hardware designs, even the masking scheme has been proven as a secure countermeasure. To the best of our knowledge, SGL is the first tool that can be used to locate any-order of power/electromagnetic LP in hardware designs. It thus shows the weakness in the original desig