Welcome to the resource topic for 2013/396
Title: On the Practical Security of a Leakage Resilient Masking Scheme
Authors: Emmanuel Prouff, Matthieu Rivain, Thomas Roche
Abstract: At TCC 2012, Dziembowski and Faust showed how to construct leakage resilient circuits using secret sharing based on the inner product [2]. At Asiacrypt 2012, Balasch et al. turned the latter construction into an efficient masking scheme and applied it to protect an implementation of AES against side-channel attacks [1]. The so-called Inner-Product masking (IPmasking for short) was claimed to be secure with respect to two different security models: the λ-limited security model (Section 4 of [1]), and the dth-order security model (see definitions p.8 of [1]). In the former model, the security proof makes sense for a sharing dimension n > 130, which is acknowledged impractical by the authors. In the latter model, the scheme is claimed secure up to the order d = n-1. In this note, we contradict the dth-order security claim by exhibiting a 1st-order flaw in the masking algorithm for any chosen sharing dimension n.
ePrint: https://eprint.iacr.org/2013/396
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics.