Provably Secure Masking of AES

A general method to secure cryptographic algorithms against side-channel attacks is the use of randomization techniques and, in particular, masking. Roughly speaking, one masks the input to a cryptographic algorithm with random values unknown to the adversary. As a result, the intermediate results of the computation are uncorrelated with the input, and the adversary cannot extract any useful information from the side channel. Unfortunately, previous AES randomization techniques have based their security on heuristics and experiments, and flaws have been found that leave randomized AES implementations vulnerable to side-channel cryptanalysis. In this paper, we provide a formal notion of security for randomized maskings of arbitrary cryptographic algorithms. Furthermore, we present an AES randomization technique that is provably secure against side-channel attacks when the adversary is able to access a single intermediate result. Our randomized masking technique is quite general and can be applied to arbitrary algorithms that use only arithmetic operations over some finite field. To our knowledge, this is the first time that a randomization technique for the AES has been proven secure in a formal model.
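The masking idea above, illustrated on the operation that makes it non-trivial: a GF(2^8) multiplication on additively masked operands. This is an added example written for this page, not the paper's construction (the abstract does not give it). It assumes two-share additive masking with one fresh mask per multiplication, uses a recorded trace as the model of an adversary who reads a single intermediate result, and checks empirically that every traced value has the same distribution for two different secrets; a switch reproduces an ordering mistake of the heuristic kind the abstract refers to, where one intermediate's distribution does depend on the secret.

```python
import random
from collections import Counter


def gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        a = ((a << 1) ^ (0x1B if a & 0x80 else 0)) & 0xFF   # xtime with reduction
        b >>= 1
    return p


def masked_mul(a0, a1, b0, b1, r, trace, safe_order=True):
    """Multiply a = a0 ^ a1 by b = b0 ^ b1 on shares; return shares (c0, c1) of a*b.
    r is a fresh uniform mask; every intermediate byte is appended to `trace`.
    safe_order=False combines the cross terms before r: that sum is a*b1 ^ a1*b."""
    t0, t1 = gf_mul(a0, b0), gf_mul(a1, b1)   # a0*b0, a1*b1
    t2, t3 = gf_mul(a0, b1), gf_mul(a1, b0)   # cross terms a0*b1, a1*b0
    c0 = t0 ^ r
    u = t2 ^ r if safe_order else t2 ^ t3     # trace index 5
    trace.extend([t0, t1, t2, t3, c0, u])
    u ^= t3 if safe_order else r
    c1 = t1 ^ u                                # c0 ^ c1 == (a0 ^ a1) * (b0 ^ b1)
    trace.extend([u, c1])
    return c0, c1


def probe(a, b, safe_order=True, samples=4096, seed=1):
    """Histogram of each of the 8 traced intermediates for secret (a, b) over random masks."""
    rng = random.Random(seed)
    hists = [Counter() for _ in range(8)]
    for _ in range(samples):
        a1, b1, r = rng.randrange(256), rng.randrange(256), rng.randrange(256)
        trace = []
        masked_mul(a ^ a1, a1, b ^ b1, b1, r, trace, safe_order)   # shares a0 = a ^ a1, b0 = b ^ b1
        for h, v in zip(hists, trace):
            h[v] += 1
    return hists


def max_gap(h1, h2):
    """Largest per-value count difference; a secret-independent intermediate shows only noise."""
    return max(abs(h1[v] - h2[v]) for v in range(256))


if __name__ == "__main__":
    for safe in (True, False):
        gaps = [max_gap(x, y) for x, y in zip(probe(0, 0, safe), probe(1, 1, safe))]
        print("safe order" if safe else "bad order ", "max gap per intermediate:", gaps)
```

With the safe ordering every intermediate shows a gap of a few dozen counts out of 4096, pure sampling noise; with the bad ordering intermediate 5 is always 0 for the secret (0, 0) and uniform for (1, 1), so its gap is close to 4096.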
