Towards Sound Approaches to Counteract Power-Analysis Attacks
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Securing the AES Finalists Against Power Analysis Attacks
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Elliptic Curves with the Montgomery-Form and Their Cryptographic Applications
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Using Second-Order Power Analysis to Attack DPA Resistant Software
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Power analysis attacks and countermeasures for cryptographic algorithms
Side Channel Cryptanalysis of a Higher Order Masking Scheme
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Block Ciphers Implementations Provably Secure Against Second Order Side Channel Analysis
Fast Software Encryption
Attacking State-of-the-Art Software Countermeasures--A Case Study for AES
CHES '08 Proceedings of the 10th international workshop on Cryptographic Hardware and Embedded Systems
A generic method for secure Sbox implementation
WISA'07 Proceedings of the 8th international conference on Information security applications
Provably secure higher-order masking of AES
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Secure multiplicative masking of power functions
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
How to maximize software performance of symmetric primitives on pentium III and 4 processors
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
A side-channel analysis resistant description of the AES s-box
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Provably secure s-box implementation based on fourier transform
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Practical second-order DPA attacks for masked smart card implementations of block ciphers
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Higher order masking of the AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Template attacks on masking—resistance is futile
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
An efficient masking scheme for AES software implementations
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Thwarting higher-order side channel analysis with additive and multiplicative maskings
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Fresh re-keying II: securing multiple parties against side-channel and fault attacks
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Masking vs. multiparty computation: how large is the gap for AES?
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
AES side-channel countermeasure using random tower field constructions
Designs, Codes and Cryptography
Side Channel Analysis (SCA) is a class of attacks that exploit the leakage of information from a cryptographic implementation during its execution. To thwart it, masking is a common strategy that aims at hiding the correlation between the manipulated secret key and the physical measurements. Even though the soundness of masking has often been argued, its application is very time consuming, especially when so-called higher-order SCA (HO-SCA) is considered. Reducing this overhead at the cost of a limited increase in RAM consumption is a hot topic for the embedded security industry. In this paper, we introduce such an improvement in the particular case of the AES. Our approach consists of adapting a trick introduced by Montgomery to efficiently compute several inversions in a multiplicative group. For this purpose, and to achieve security against HO-SCA, recent works published at CHES 2010 and ACNS 2010 are involved. In particular, the secure Dirac computation scheme introduced by Genelle et al. at ACNS is extended to achieve security against SCA at any order. As argued in the second part of this paper, our approach improves in time complexity on all previous masking methods requiring little RAM.
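As an added example that is not code from the paper, the Montgomery trick the abstract builds on, applied to plain (unmasked) values of the AES field GF(2^8): n inversions are replaced by a single inversion plus about 3(n-1) multiplications, and the Dirac function lifts the zero input to a nonzero value so the running product never vanishes. The masking layer and the secure Dirac computation of the paper are not shown; the input values are constructed.

```python
# Added example: Montgomery's trick for batch inversion in the AES field GF(2^8).
# Plain (unmasked) arithmetic only; the masking scheme of the paper is not
# implemented here. Inputs are constructed test values.

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the AES reduction polynomial

def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of GF(2^8) modulo the AES polynomial."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return r

def gf_inv(a: int) -> int:
    """Direct inversion as a^254 (square-and-multiply); maps 0 to 0 like the AES S-box."""
    r, base, e = 1, a, 254
    while e:
        if e & 1:
            r = gf_mul(r, base)
        base = gf_mul(base, base)
        e >>= 1
    return r

def dirac(x: int) -> int:
    """Dirac function: 1 if x == 0, else 0. Used to move the zero input off zero."""
    return 1 if x == 0 else 0

def batch_aes_inv(xs: list[int]) -> tuple[list[int], int]:
    """Invert every element of xs with a single field inversion (Montgomery's trick).
    Forward pass: prefix[i] = y_1 ... y_i. One inversion of the full product, then a
    backward pass peels off each y_i^-1. dirac(x) lifts 0 to 1 before and undoes it after.
    Returns (inverses, number_of_inversions_performed)."""
    ys = [x ^ dirac(x) for x in xs]           # 0 -> 1, everything else unchanged
    prefix = [1]
    for y in ys:
        prefix.append(gf_mul(prefix[-1], y))  # prefix[i] = y_1 * ... * y_i
    acc = gf_inv(prefix[-1])                  # the only inversion in the whole batch
    inversions = 1
    out = [0] * len(ys)
    for i in range(len(ys) - 1, -1, -1):
        out[i] = gf_mul(acc, prefix[i])       # y_i^-1 = (y_1..y_i)^-1 * (y_1..y_{i-1})
        acc = gf_mul(acc, ys[i])              # now acc = (y_1..y_{i-1})^-1
    return [o ^ dirac(x) for o, x in zip(out, xs)], inversions
```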