In this paper, we evaluate the performance of state-of-the-art higher-order masking schemes for the AES. In doing so, we pay particular attention to the comparison between specialized solutions introduced exclusively as countermeasures against side-channel analysis, and a recent proposal by Roche and Prouff that exploits MultiParty Computation (MPC) techniques. We show that the additional security features this latter scheme provides (e.g. its glitch-freeness) come at the cost of large performance overheads. We then study how standard optimization techniques from the MPC literature can be used to reduce this gap. In particular, we show that "packed secret sharing" based on a modified multiplication algorithm can speed up MPC-based masking as the order of the masking scheme increases. Finally, we discuss the randomness requirements of masked implementations. For this purpose, we first show with information-theoretic arguments that the security guarantees of masking are only preserved if this randomness is uniform, and analyze the consequences of a deviation from this requirement. We then conclude the paper by including the cost of randomness generation in our performance evaluations. These results should help designers choose a masking scheme based on their security and performance constraints.
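The abstract's last point, that masking only keeps its guarantees when the mask is uniform, can be made concrete for the simplest case. The following is an added example, not code from the paper or its authors: it models first-order additive masking of one AES state byte (x is split into x XOR m and m) and computes the exact mutual information between the secret x and the share x XOR m. The secret prior (uniform), the "biased RNG" model (a mask that is zero with probability p_zero and otherwise uniform) and the function names are assumptions made for this illustration. The closed form 8 - H(M) holds only for a uniform secret; the generic joint-distribution computation does not need that assumption.

```python
# Added example (not from the paper): how much a single masked share leaks
# about an AES byte when the mask distribution is uniform versus biased.
from math import log2

FIELD_SIZE = 256  # one state byte, additive masking over GF(2^8) is XOR


def uniform_secret():
    """Prior on the secret byte: uniform (constructed, the usual assumption)."""
    return [1.0 / FIELD_SIZE] * FIELD_SIZE


def uniform_mask():
    """Mask distribution a correctly seeded RNG should produce."""
    return [1.0 / FIELD_SIZE] * FIELD_SIZE


def biased_mask(p_zero):
    """Constructed faulty-RNG model: the mask is 0 with probability p_zero and
    otherwise uniform over the remaining 255 values (p_zero = 1/256 is uniform)."""
    rest = (1.0 - p_zero) / (FIELD_SIZE - 1)
    return [p_zero] + [rest] * (FIELD_SIZE - 1)


def entropy_bits(dist):
    """Shannon entropy in bits; zero-probability entries contribute nothing."""
    return -sum(p * log2(p) for p in dist if p > 0.0)


def share_leakage_bits(secret_dist, mask_dist):
    """I(X; S) in bits for the share S = X XOR M, M independent of X,
    computed from the exact joint distribution P(x, s) = P(x) * P(m = x XOR s).
    Zero means an attacker who sees one share learns nothing about x."""
    p_s = [0.0] * FIELD_SIZE  # marginal of the share
    for x, px in enumerate(secret_dist):
        for s in range(FIELD_SIZE):
            p_s[s] += px * mask_dist[x ^ s]
    info = 0.0
    for x, px in enumerate(secret_dist):
        if px == 0.0:
            continue
        for s in range(FIELD_SIZE):
            pxs = px * mask_dist[x ^ s]
            if pxs > 0.0:
                info += pxs * log2(pxs / (px * p_s[s]))
    return info


def closed_form_leakage_bits(mask_dist):
    """For a uniform secret the share S is uniform whatever the mask, so
    I(X; S) = H(S) - H(S|X) = 8 - H(M): every bit of mask entropy that is
    missing leaks straight into the share."""
    return log2(FIELD_SIZE) - entropy_bits(mask_dist)


if __name__ == "__main__":
    cases = [("uniform", uniform_mask()),
             ("P(m=0)=1/100", biased_mask(0.01)),
             ("P(m=0)=1/2", biased_mask(0.5)),
             ("stuck-at-zero", biased_mask(1.0))]
    for label, mask in cases:
        bits = share_leakage_bits(uniform_secret(), mask)
        print(f"{label:>14}: I(X;S) = {bits:.4f} bits")
```

A mask that is always zero makes the "masked" share equal to the secret, so the leakage is the full 8 bits; a mask that is zero half the time already leaks about 3 bits per share, and even a mildly skewed mask gives a first-order attacker a non-zero signal. The same entropy-deficit argument is why the paper prices randomness generation into its performance comparison rather than treating it as free.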