Generic Low-Latency Masking in Hardware

In this work, we introduce a generalized concept for low-latency masking that is applicable to any implementation and protection order, and (in its most extreme form) does not require on-the-fly randomness. The main idea of our approach is to avoid collisions of shared variables in nonlinear circuit parts and to skip the share compression. We show the feasibility of our approach on a full implementation of a one-round unrolled Ascon variant and on an AES S-box case study. Additionally, we discuss possible trade-offs to make our approach interesting for practical implementations. As a result, we obtain a first-order masked AES S-box that is calculated in a single clock cycle with rather high implementation costs (60.7 kGE), and a two-cycle variant with much less implementation costs (6.7 kGE). The side-channel resistance of our Ascon S-box designs up to order three are then verified using the formal analysis tool of [BGI + 18]. Furthermore, we introduce a taint checking based verification approach that works specifically for our low-latency approach and allows us to verify large circuits like our low-latency AES S-box design in reasonable time.

[1]  Edwin NC Mui,et al.  Practical Implementation of Rijndael S-Box Using Combinational Logic , 2007 .

[2]  Ingrid Verbauwhede,et al.  Consolidating Masking Schemes , 2015, CRYPTO.

[3]  Vincent Rijmen,et al.  Efficient and First-Order DPA Resistant Implementations of Keccak , 2013, CARDIS.

[4]  Vincent Rijmen,et al.  A More Efficient AES Threshold Implementation , 2014, AFRICACRYPT.

[5]  Stefan Mangard,et al.  An Efficient Side-Channel Protected AES Implementation with Arbitrary Protection Order , 2017, CT-RSA.

[6]  Ashrujit Ghoshal,et al.  Several Masked Implementations of the Boyar-Peralta AES S-Box , 2017, INDOCRYPT.

[7]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[8]  Shay Gueron,et al.  Intel's New AES Instructions for Enhanced Performance and Security , 2009, FSE.

[9]  Begül Bilgin,et al.  Higher-Order Threshold Implementation of the AES S-Box , 2015, CARDIS.

[10]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[11]  David Canright,et al.  A Very Compact S-Box for AES , 2005, CHES.

[12]  Benjamin Grégoire,et al.  Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model , 2017, EUROCRYPT.

[13]  Joan Boyar,et al.  A Small Depth-16 Circuit for the AES S-Box , 2012, SEC.

[14]  Stefan Mangard,et al.  A unified masking approach , 2018, Journal of Cryptographic Engineering.

[15]  Stefan Mangard,et al.  Formal Verification of Masked Hardware Implementations in the Presence of Glitches , 2018, IACR Cryptol. ePrint Arch..

[16]  Yuval Ishai,et al.  Private Circuits: Securing Hardware against Probing Attacks , 2003, CRYPTO.

[17]  Vincent Rijmen,et al.  Masking AES With d+1 Shares in Hardware , 2016, CHES.

[18]  Christof Paar,et al.  Pushing the Limits: A Very Compact and a Threshold Implementation of AES , 2011, EUROCRYPT.

[19]  Vincent Rijmen,et al.  AES implementation on a grain of sand , 2005 .

[20]  Syed Kareem Uddin Trade-OFFS For Threshold Implementations Illustrated on AES , 2017 .

[21]  Vincent Rijmen,et al.  Rhythmic Keccak: SCA Security and Low Latency in HW , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[22]  Stefan Mangard,et al.  Reconciling d+1 Masking in Hardware and Software , 2017, CHES.

[23]  Vincent Rijmen,et al.  Threshold Implementations Against Side-Channel Attacks and Glitches , 2006, ICICS.