Welcome to the resource topic for 2013/396
On the Practical Security of a Leakage Resilient Masking Scheme
Authors: Emmanuel Prouff, Matthieu Rivain, Thomas Roche
Abstract:
At TCC 2012, Dziembowski and Faust showed how to construct leakage resilient circuits using secret sharing based on the inner product. At Asiacrypt 2012, Balasch et al. turned the latter construction into an efficient masking scheme and applied it to protect an implementation of AES against side-channel attacks. The so-called Inner-Product masking (IPmasking for short) was claimed to be secure with respect to two different security models: the $\lambda$-limited security model (Section 4 of ), and the dth-order security model (see definitions p.8 of ). In the former model, the security proof makes sense for a sharing dimension n > 130, which is acknowledged impractical by the authors. In the latter model, the scheme is claimed secure up to the order d = n-1. In this note, we contradict the dth-order security claim by exhibiting a 1st-order flaw in the masking algorithm for any chosen sharing dimension n.
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics.