15.11.2022 | Regular Paper

Toward finding best linear codes for side-channel protections (extended version)

Authors: Wei Cheng, Yi Liu, Sylvain Guilley, Olivier Rioul

Published in: Journal of Cryptographic Engineering

Abstract

Side-channel attacks aim at extracting secret keys from cryptographic devices. Randomly masking the implementation is a provable way to protect the secrets against this threat. Recently, various masking schemes have converged to the “code-based masking” philosophy. In code-based masking, different codes allow for different levels of side-channel security. In practice, for a given leakage function, it is important to select the code which enables the best resistance, i.e., which forces the attacker to capture and analyze the largest number of side-channel traces. This paper is a first attempt to address the constructive selection of the optimal codes in the context of side-channel countermeasures, in particular for code-based masking when the device leaks information in the Hamming weight leakage model. We show that the problem is related to the weight enumeration of the extended dual of the masking code. We first present mathematical tools to study those weight enumeration polynomials, and then provide an efficient method to search for good codes, based on a lexicographic sorting of the weight enumeration polynomial from the lowest to highest degrees.
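The selection criterion stated in the abstract, as an added Python example that is not part of the paper: it enumerates small binary linear codes, computes the weight distribution of the dual through the MacWilliams identity (cross-checked against a brute-force dual), and ranks candidates lexicographically by the dual's weight distribution from the lowest degree upwards, so that a candidate with fewer low-weight dual codewords ranks first. Assumptions: the paper works with the extended dual of the masking code, which this page does not define, so the ordinary dual is used as a stand-in; the three [4, 2] candidate codes are constructed here for illustration and are not taken from the paper.

```python
"""Ranking small binary linear codes by the weight distribution of their duals."""
from itertools import product
from math import comb


def codewords(gen_rows):
    """Enumerate the binary linear code spanned by gen_rows (tuples over GF(2))."""
    n = len(gen_rows[0])
    words = set()
    for coeffs in product((0, 1), repeat=len(gen_rows)):
        word = [0] * n
        for c, row in zip(coeffs, gen_rows):
            if c:
                word = [a ^ b for a, b in zip(word, row)]
        words.add(tuple(word))
    return words


def dual_code(gen_rows):
    """Brute-force dual: every length-n word orthogonal (mod 2) to all generator rows."""
    n = len(gen_rows[0])
    return {
        x for x in product((0, 1), repeat=n)
        if all(sum(a & b for a, b in zip(x, row)) % 2 == 0 for row in gen_rows)
    }


def weight_distribution(words, n):
    """A[w] = number of codewords of Hamming weight w, for w = 0..n."""
    dist = [0] * (n + 1)
    for word in words:
        dist[sum(word)] += 1
    return dist


def krawtchouk(j, i, n):
    """Binary Krawtchouk polynomial K_j(i) for length n (math.comb returns 0 when k > n)."""
    return sum((-1) ** s * comb(i, s) * comb(n - i, j - s) for s in range(j + 1))


def macwilliams_dual_distribution(dist, n):
    """Weight distribution of the dual code from that of the code (MacWilliams identity):
    B_j = (1/|C|) * sum_i A_i * K_j(i)."""
    size = sum(dist)
    dual = []
    for j in range(n + 1):
        total = sum(dist[i] * krawtchouk(j, i, n) for i in range(n + 1))
        assert total % size == 0, "MacWilliams transform must be integral"
        dual.append(total // size)
    return dual


def rank_codes(candidates):
    """Rank candidates by the dual weight distribution (B_1, ..., B_n), lexicographically
    ascending: the code whose dual has the fewest low-weight codewords comes first."""
    scored = []
    for name, rows in candidates.items():
        n = len(rows[0])
        primal = weight_distribution(codewords(rows), n)
        dual = macwilliams_dual_distribution(primal, n)
        # Cross-check the algebraic transform against the brute-force dual.
        assert dual == weight_distribution(dual_code(rows), n)
        scored.append((tuple(dual[1:]), name, dual))
    scored.sort()
    return [(name, dual) for _, name, dual in scored]


# Constructed toy candidates (hypothetical, not from the paper): three [4, 2] binary codes.
CANDIDATES = {
    "C1": [(1, 0, 0, 0), (0, 1, 0, 0)],
    "C2": [(1, 1, 0, 0), (0, 0, 1, 1)],
    "C3": [(1, 0, 1, 1), (0, 1, 1, 0)],
}

if __name__ == "__main__":
    for name, dual in rank_codes(CANDIDATES):
        print(name, "dual weight distribution B_0..B_4 =", dual)
```

For these three candidates the dual of C1 contains two weight-1 words, the dual of C2 is self-dual with two weight-2 words, and the dual of C3 has a single weight-2 word and two weight-3 words, so the lexicographic order from the lowest degree ranks C3 first. Exhaustive enumeration is only viable for toy lengths; the paper's contribution is precisely a method that avoids it.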


Footnotes

1. It is worth noting that, in theory, MI does not depend on any specific assumption about the leakage model. However, we focus on the linear leakage model in this paper.

2. Note that Theorem 4 in [10] only considers the first nonzero coefficient \(A_i\), i.e., the number of minimum-weight nonzero codewords.
References
1. Balasch, J., Faust, S., Gierlichs, B., Paglialonga, C., Standaert, F.-X.: Consolidating inner product masking. In: Takagi, T., Peyrin, T. (eds) Advances in Cryptology—ASIACRYPT 2017—23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3–7, 2017, Proceedings, Part I, volume 10624 of Lecture Notes in Computer Science, pp. 724–754. Springer (2017)
2. Barthe, G., Dupressoir, F., Faust, S., Grégoire, B., Standaert, F.-X., Strub, P.-Y.: Parallel implementations of masking schemes and the bounded moment leakage model. In: Advances in Cryptology—EUROCRYPT 2017, Paris, France, April 30–May 4, 2017, Proceedings, Part I, pp. 535–566 (2017)
3.
4. Bringer, J., Carlet, C., Chabanne, H., Guilley, S., Maghrebi, H.: Orthogonal direct sum masking—a smartcard friendly computation paradigm in a code, with built in protection against side-channel and fault attacks. In: Naccache, D., Sauveron, D. (eds) Information Security Theory and Practice. Securing the Internet of Things—8th IFIP WG 11.2 International Workshop, WISTP 2014, Heraklion, Crete, Greece, June 30–July 2, 2014. Proceedings, volume 8501 of Lecture Notes in Computer Science, pp. 40–56. Springer (2014)
5. Bruneau, N., Guilley, S., Heuser, A., Rioul, O.: Masks will fall off—higher-order optimal distinguishers. In: Sarkar, P., Iwata, T. (eds) Advances in Cryptology—ASIACRYPT 2014—20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, Taiwan, ROC, December 7–11, 2014, Proceedings, Part II, volume 8874 of Lecture Notes in Computer Science, pp. 344–365. Springer (2014)
6. Carlet, C., Guilley, S.: Statistical properties of side-channel and fault injection attacks using coding theory. Cryptogr. Commun. 10(5), 909–933 (2018)
7. Cheng, W., Liu, Y., Guilley, S., Rioul, O.: Attacking masked cryptographic implementations: information-theoretic bounds. In: IEEE International Symposium on Information Theory, ISIT 2022, Espoo, Finland, June 26–July 1, 2022, pp. 654–659. IEEE (2022)
8. Cheng, W., Liu, Y., Guilley, S., Rioul, O.: Towards finding best linear codes for side-channel protections. In: Kühne, U., Zhang, F. (eds) Proceedings of 10th International Workshop on Security Proofs for Embedded Systems, volume 87 of EPiC Series in Computing, pp. 83–99. EasyChair (2022)
9. Cheng, W., Guilley, S., Carlet, C., Danger, J.-L., Mesnager, S.: Information leakages in code-based masking: a unified quantification approach. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(3), 465–495 (2021)
10. Cheng, W., Guilley, S., Carlet, C., Mesnager, S., Danger, J.-L.: Optimizing inner product masking scheme by a coding theory approach. IEEE Trans. Inf. Forensics Secur. 16, 220–235 (2021)
11. Cheng, W., Guilley, S., Danger, J.-L.: Information leakage in code-based masking: a systematic evaluation by higher-order attacks. IEEE Trans. Inf. Forensics Secur. 17, 1624–1638 (2022)
12. de Chérisey, É., Guilley, S., Rioul, O., Piantanida, P.: Best information is most successful—mutual information and success rate in side-channel analysis. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(2), 49–79 (2019)
13. De Cnudde, T., Bilgin, B., Gierlichs, B., Nikov, V., Nikova, S., Rijmen, V.: Does coupling affect the security of masked implementations? In: Guilley, S. (ed) Constructive Side-Channel Analysis and Secure Design—8th International Workshop, COSADE 2017, Paris, France, April 13–14, 2017, Revised Selected Papers, volume 10348 of Lecture Notes in Computer Science, pp. 1–18. Springer (2017)
14. Delsarte, P.: The association schemes of coding theory. In: Combinatorics, pp. 143–161. Springer (1975)
15. Forney, G.D.: Concatenated Codes. Ph.D. Thesis, M.I.T. Department of Electrical Engineering, December (1965)
16. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: CRYPTO, volume 2729 of Lecture Notes in Computer Science, pp. 463–481. Springer, August 17–21, Santa Barbara, California, USA (2003)
17. Lacan, J., Delpeyroux, E.: The q-ary image of some q^m-ary cyclic codes: permutation group and soft-decision decoding. IEEE Trans. Inf. Theory 48(7), 2069–2078 (2002)
18. Le Bidan, R., Pyndiah, R., Adde, P.: Some results on the binary minimum distance of Reed-Solomon codes and block turbo codes. In: Proceedings of IEEE International Conference on Communications, ICC 2007, Glasgow, Scotland, UK, June 24–28, 2007, pp. 990–994. IEEE (2007)
19. Lempel, A.: Matrix factorization over GF(2) and trace-orthogonal bases of GF(2^n). SIAM J. Comput. 4(2), 175–186 (1975)
20. Lidl, R., Niederreiter, H.: Finite Fields. Encyclopedia of Mathematics and Its Applications #20. Cambridge University Press. ISBN 10: 0521392314, ISBN 13: 9780521392310 (1997)
21. MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes. Elsevier, Amsterdam, North Holland. ISBN: 978-0-444-85193-2 (1977)
22. Maghrebi, H., Guilley, S., Danger, J.-L.: Leakage squeezing countermeasure against high-order attacks. In: Ardagna, C.A., Zhou, J. (eds) Information Security Theory and Practice. Security and Privacy of Mobile Devices in Wireless Communication—5th IFIP WG 11.2 International Workshop, WISTP 2011, Heraklion, Crete, Greece, June 1–3, 2011. Proceedings, volume 6633 of Lecture Notes in Computer Science, pp. 208–223. Springer (2011)
23. Nassar, M., Souissi, Y., Guilley, S., Danger, J.-L.: RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. In: Rosenstiel, W., Thiele, L. (eds) 2012 Design, Automation and Test in Europe Conference and Exhibition, DATE 2012, Dresden, Germany, March 12–16, 2012, pp. 1173–1178. IEEE (2012)
24. Poussier, R., Guo, Q., Standaert, F.-X., Carlet, C., Guilley, S.: Connecting and improving direct sum masking and inner product masking. In: Eisenbarth, T., Teglia, Y. (eds) Smart Card Research and Advanced Applications—16th International Conference, CARDIS 2017, Lugano, Switzerland, November 13–15, 2017, Revised Selected Papers, volume 10728 of Lecture Notes in Computer Science, pp. 123–141. Springer (2017)
25. Prouff, E., Roche, T.: Higher-order glitches free implementation of the AES using secure multi-party computation protocols. In: Preneel, B., Takagi, T. (eds) CHES, volume 6917 of LNCS, pp. 63–78. Springer (2011)
26. Rabizzoni, P.: Relation between the minimum weight of a linear code over GF(q^m) and its q-ary image over GF(q). In: Cohen, G.D., Wolfmann, J. (eds) Coding Theory and Applications, 3rd International Colloquium, Toulon, France, November 2–4, 1988, Proceedings, volume 388 of Lecture Notes in Computer Science, pp. 209–212. Springer (1988)
27. Retter, C.T.: Gaps in the binary weight distributions of Reed-Solomon codes. IEEE Trans. Inf. Theory 38(6), 1688–1697 (1992)
28. Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: Mangard, S., Standaert, F.-X. (eds) CHES, volume 6225 of LNCS, pp. 413–427. Springer (2010)
29. Sakakibara, K., Kasahara, M.: On the minimum distance of a q-ary image of a q^m-ary cyclic code. IEEE Trans. Inf. Theory 42(5), 1631–1635 (1996)
30. Seroussi, G., Lempel, A.: Factorization of symmetric matrices and trace-orthogonal bases in finite fields. SIAM J. Comput. 9(4), 758–767 (1980)
31. Singleton, R.C.: Maximum distance q-nary codes. IEEE Trans. Inf. Theory 10(2), 116–118 (1964)
33. Wang, W., Méaux, P., Cassiers, G., Standaert, F.-X.: Efficient and private computations with code-based masking. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(2), 128–171 (2020)
34. Woungang, I., Sadeghian, A., Melek, W.W.: Bounds on the minimum distances of a class of q-ary images of q^m-ary irreducible cyclic codes. In: Proceedings of the 2004 IEEE International Symposium on Information Theory, ISIT 2004, Chicago Downtown Marriott, Chicago, Illinois, USA, June 27–July 2, 2004, p. 185. IEEE (2004)
35. Wu, Q., Cheng, W., Guilley, S., Zhang, F., Fu, W.: On efficient and secure code-based masking: a pragmatic evaluation. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2022(3), 192–222 (2022)
Metadata
Title
Toward finding best linear codes for side-channel protections (extended version)
Authors
Wei Cheng
Yi Liu
Sylvain Guilley
Olivier Rioul
Publication date
15.11.2022
Publisher
Springer Berlin Heidelberg
Published in
Journal of Cryptographic Engineering
Print ISSN: 2190-8508
Electronic ISSN: 2190-8516
DOI
https://doi.org/10.1007/s13389-022-00305-x