Bitslice Masking and Improved Shuffling: How and When to Mix Them in Software?

We revisit the popular adage that side-channel countermeasures must be combined to be efficient, and study its application to bitslice masking and shuffling. Our contributions are threefold. First, we improve this combination: by shuffling the shares of a masked implementation rather than its tuples, we can amplify the impact of the shuffling exponentially in the number of shares, while this impact was independent of the masking security order in previous works. Second, we evaluate the masking and shuffling combination’s performance vs. security tradeoff under sufficient noise conditions: we show that the best approach is to mask first (i.e., fill the registers with as many shares as possible) and shuffle the independent operations that remain. Third, we discuss the challenges for implementing masking and shuffling under low noise conditions: we recall that such algorithmic countermeasures cannot be implemented securely without a minimum level of physical noise. We conclude that with moderate but sufficient noise, the bitslice masking + shuffling combination is relevant, and its interest increases when randomness is expensive and many independent operations are available for shuffling. When these conditions are not met, masking only is the best option. As a side result, we improve the best known attack against shuffling from Asiacrypt 2012, which we use in our concrete evaluations.
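
A toy model of the share-level shuffling idea from the abstract, added here as an illustration and not code from the paper: n independent bitsliced words are Boolean-masked into d shares and then shuffled either as whole tuples (one permutation) or share by share (an independent permutation per share index), and we count how many slot alignments an attacker who needs all d shares of one word has to consider. The function names, the 32-bit word width, the constructed input words and the simple n vs. n**d alignment count are assumptions of this model, not the paper's attack or evaluation.

```python
"""Toy model of tuple- vs share-level shuffling of a Boolean-masked bitsliced
state (added example, not the paper's code). Each of n independent words is split
into d shares; an attacker wanting one word needs all d of its shares."""
import secrets
from functools import reduce
from typing import Iterable, List

def xor_all(values: Iterable[int]) -> int:
    return reduce(lambda a, b: a ^ b, values, 0)

def mask(secret: int, d: int, width: int = 32) -> List[int]:
    """Boolean masking: d shares (bitslice registers of `width` bits) XORing to `secret`."""
    shares = [secrets.randbits(width) for _ in range(d - 1)]
    shares.append(secret ^ xor_all(shares))
    return shares

def random_permutation(n: int) -> List[int]:
    """Fisher-Yates shuffle with a CSPRNG; perm[i] is the source index placed in slot i."""
    perm = list(range(n))
    for i in range(n - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm

def shuffle_shares(state: List[List[int]], perms: List[List[int]]) -> List[List[int]]:
    """Share j of output slot i is share j of input tuple perms[j][i].
    Passing the same permutation d times gives classic tuple shuffling."""
    n, d = len(state), len(state[0])
    return [[state[perms[j][i]][j] for j in range(d)] for i in range(n)]

def locate_shares(perms: List[List[int]], target: int) -> List[int]:
    """Slot holding share j of word `target`, for each j (what an attacker must know)."""
    return [perm.index(target) for perm in perms]

def alignment_hypotheses(n: int, d: int, per_share: bool) -> int:
    """Assumed toy count: tuple shuffling leaves n slot choices, independent per-share
    permutations leave n**d, i.e. exponential in the number of shares."""
    return n ** d if per_share else n

def run_toy_model(words: List[int], d: int, per_share: bool):
    """Mask, shuffle, then reassemble word 0 knowing the permutations (constructed input).
    Returns (recovered word, number of alignments a blind attacker would have to try)."""
    n = len(words)
    state = [mask(w, d) for w in words]
    perms = [random_permutation(n) for _ in range(d)] if per_share else [random_permutation(n)] * d
    shuffled = shuffle_shares(state, perms)
    slots = locate_shares(perms, 0)
    recovered = xor_all(shuffled[slots[j]][j] for j in range(d))
    return recovered, alignment_hypotheses(n, d, per_share)
```

With n = 8 and d = 3 the model returns 8 alignments for tuple shuffling and 512 for share shuffling, while the legitimate recombination still recovers the word in both cases.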
