A Generic Table Recomputation-Based Higher-Order Masking
RIS ID
117819
Abstract
2017 IEEE. Masking is a class of well-known countermeasure against side-channel attacks by employing the idea of secret sharing. In this paper, we propose a generic table recomputationbased masking scheme at any chosen order t, named divided S-box masking (DSM), and its security has been proved under the security framework from Crypto 2003. The table recomputationbased masking is suitable for software implementation and the masked table can be stored in memory, where it can be accessed fast. For any input, DSM scheme generates n output shares by two queries. DSM scheme requires two vectors L and R, and a matrix M of random numbers. Each element of L is the XOR result of the output of S-box and n-1 random numbers. These n-1 random numbers are stored in two lines of M and R which is a vector of indexes for the second query. Furthermore, we performed the attacks on the software implementation of DSM to evaluate its practical security, and compared the timing and space complexity with the existing table recomputation-based masking in the same platform to verify the advantage of the DSM.
Publication Details
Tang, M., Qiu, Z., Guo, Z., Mu, Y., Huang, X. & Danger, J. (2017). A Generic Table Recomputation-Based Higher-Order Masking. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 36 (11), 1779-1789.