Trivially and Efficiently Composing Masked Gadgets With Probe Isolating Non-Interference

Bibliographic details
Published in: IEEE transactions on information forensics and security 2020, Vol.15, p.2542-2555
Main authors: Cassiers, Gaetan; Standaert, Francois-Xavier
Format: Article
Language: eng
Abstract: We revisit the analysis and design of masked cryptographic implementations to prevent side-channel attacks. Our starting point is the (known) observation that proving the security of a higher-order masked block cipher exhaustively requires unrealistic computing power. As a result, a natural strategy is to split algorithms in smaller parts (or gadgets), with as main objectives to enable both simple composition (as initiated by Barthe et al. at CCS 2016) and efficient implementations. We argue that existing composition strategies allow either trivial composition with significant overheads or optimized composition with more analysis efforts. As a result, we first introduce a new definition of Probe Isolating Non-Interference (PINI) that allows both trivial composition and efficient implementations. We next prove general composition theorems for PINI gadgets that considerably simplify the analysis of complex masked implementations. We finally design efficient multiplication gadgets that satisfy this definition. As additional results, we exhibit a limitation of existing compositional strategies for the analysis of Multiple-Inputs / Multiple-Outputs (MIMO) gadgets, extend Barthe et al. definition of Strong Non-Interference (SNI) to deal with this context, and describe an optimization method to design efficient MIMO-SNI (sub)circuits. Our results allow proving the security of a recent masked AES implementation by Goudarzi and Rivain (EUROCRYPT 2017). From the implementation viewpoint, PINI implementations reach the level of performance of the best composable masking schemes for the AES Rijndael, and outperform them by significant factors for lightweight ciphers.
DOI: 10.1109/TIFS.2020.2971153
ISSN: 1556-6013
EISSN: 1556-6021
Record ID: cdi_ieee_primary_8979162
Source: IEEE Electronic Library (IEL)
Subjects:
Algorithms
Ciphers
Circuit design
Composition
Cryptography
Design optimization
Encryption
Interference
Logic gates
Masking
Multiplication
Probes
Security
Side-channel attacks
Wires