Trivially and Efficiently Composing Masked Gadgets With Probe Isolating Non-Interference
IEEE Transactions on Information Forensics and Security (IF 6.8). Pub Date: 2020-02-03, DOI: 10.1109/tifs.2020.2971153
Gaëtan Cassiers, François-Xavier Standaert

We revisit the analysis and design of masked cryptographic implementations to prevent side-channel attacks. Our starting point is the (known) observation that proving the security of a higher-order masked block cipher exhaustively requires unrealistic computing power. As a result, a natural strategy is to split algorithms into smaller parts (or gadgets), with as main objectives to enable both simple composition (as initiated by Barthe et al. at CCS 2016) and efficient implementations. We argue that existing composition strategies allow either trivial composition with significant overheads or optimized composition with more analysis effort. As a result, we first introduce a new definition of Probe Isolating Non-Interference (PINI) that allows both trivial composition and efficient implementations. We next prove general composition theorems for PINI gadgets that considerably simplify the analysis of complex masked implementations. We finally design efficient multiplication gadgets that satisfy this definition. As additional results, we exhibit a limitation of existing compositional strategies for the analysis of Multiple-Input / Multiple-Output (MIMO) gadgets, extend Barthe et al.'s definition of Strong Non-Interference (SNI) to deal with this context, and describe an optimization method to design efficient MIMO-SNI (sub)circuits. Our results allow proving the security of a recent masked AES implementation by Goudarzi and Rivain (EUROCRYPT 2017). From the implementation viewpoint, PINI implementations reach the level of performance of the best composable masking schemes for the AES Rijndael, and outperform them by significant factors for lightweight ciphers.
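To make the abstract's objects concrete, the following is an added illustration written for this page; it is not code from the paper and it does not implement the authors' PINI gadgets. It shows Boolean masking on one-bit values, the classical two-share ISW AND gadget (Ishai, Sahai and Wagner, used here as a stand-in for a "multiplication gadget"), a deliberately leaky gadget with no fresh randomness, and an exhaustive t-probing check that enumerates every share encoding and every random bit. The function names (`isw_and_2shares`, `naive_and_2shares`, `probing_leaks`) and the wire labels are my own. The enumeration grows as 2^(shares + randoms) runs per secret value and as the number of wire subsets of size t, which is the "unrealistic computing power" the abstract refers to for full ciphers, and the reason gadget-level definitions with composition theorems are needed.

```python
"""Added illustration (not the paper's code): Boolean masking, the two-share
ISW AND gadget, a leaky variant, and an exhaustive t-probing check."""
from collections import Counter
from itertools import combinations, product


def isw_and_2shares(a, b, rnd):
    """Two-share ISW AND gadget on Boolean shares a=[a0,a1], b=[b0,b1].
    rnd holds the single fresh random bit the gadget consumes.
    Returns the output shares and every internal wire as (label, value)."""
    a0, a1 = a
    b0, b1 = b
    (r,) = rnd
    wires = []

    def wire(label, value):          # record a probe-able intermediate value
        wires.append((label, value))
        return value

    p00 = wire("a0&b0", a0 & b0)
    p01 = wire("a0&b1", a0 & b1)
    p10 = wire("a1&b0", a1 & b0)
    p11 = wire("a1&b1", a1 & b1)
    wire("r", r)
    c0 = wire("c0", p00 ^ r)                    # c0 = a0b0 ^ r
    t = wire("r^a0b1", r ^ p01)                 # r is added before the cross term
    t = wire("r^a0b1^a1b0", t ^ p10)
    c1 = wire("c1", p11 ^ t)                    # c1 = a1b1 ^ r ^ a0b1 ^ a1b0
    return [c0, c1], wires


def naive_and_2shares(a, b, rnd):
    """Deliberately leaky two-share AND with no fresh randomness (constructed
    for contrast): c0 = a0 & (b0 ^ b1) = a0 & b depends on the unmasked b."""
    a0, a1 = a
    b0, b1 = b
    wires = []

    def wire(label, value):
        wires.append((label, value))
        return value

    c0 = wire("c0", wire("a0&b0", a0 & b0) ^ wire("a0&b1", a0 & b1))
    c1 = wire("c1", wire("a1&b0", a1 & b0) ^ wire("a1&b1", a1 & b1))
    return [c0, c1], wires


def unmask(shares):
    """Recombine Boolean shares: the secret is the XOR of all shares."""
    v = 0
    for s in shares:
        v ^= s
    return v


def probing_leaks(gadget, n_rand, order):
    """Exhaustive t-probing check for a two-share gadget on one-bit inputs.

    For each secret pair (a, b) the joint distribution of every set of `order`
    wires is computed over all share encodings and all random bits.  A wire set
    whose distribution differs between two secret pairs leaks; the first such
    set (in wire order) is returned, or None if no set of that size leaks."""
    dists = {}        # (a, b) -> list of wire-value tuples over all encodings
    labels = None
    for a, b in product((0, 1), repeat=2):
        runs = []
        for a0, b0, *rnd in product((0, 1), repeat=2 + n_rand):
            out, wires = gadget([a0, a ^ a0], [b0, b ^ b0], rnd)
            assert unmask(out) == (a & b), "gadget is not functionally correct"
            if labels is None:
                labels = [lab for lab, _ in wires]
            runs.append(tuple(v for _, v in wires))
        dists[(a, b)] = runs
    for idx in combinations(range(len(labels)), order):
        per_secret = {frozenset(Counter(tuple(run[i] for i in idx)
                                        for run in rs).items())
                      for rs in dists.values()}
        if len(per_secret) > 1:       # distribution depends on the secret
            return tuple(labels[i] for i in idx)
    return None


if __name__ == "__main__":
    print("ISW, 1 probe :", probing_leaks(isw_and_2shares, 1, 1))
    print("ISW, 2 probes:", probing_leaks(isw_and_2shares, 1, 2))
    print("naive, 1 probe:", probing_leaks(naive_and_2shares, 0, 1))
```

With two shares the ISW gadget has no single wire whose distribution depends on the secret, so the first-order check returns None, while any two probes (already the first pair, a0&b0 and a0&b1) leak, as expected for d = 1. The naive gadget fails already at one probe on c0. The check is a direct probing-security check on one isolated gadget; it says nothing about what happens when gadgets are chained, which is exactly the composition question the paper's PINI notion addresses.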

Updated: 2020-04-22