Jan Richter-Brockmann
Ruhr University Bochum

Pascal Sasdrich
Ruhr University Bochum

Christof Beierle
Ruhr University Bochum

Jakob Feldtkeller
Ruhr University Bochum

Anna Guinet
Ruhr University Bochum

Gregor Leander
Ruhr University Bochum

Tim Güneysu
Ruhr University Bochum, DFKI GmbH Bremen

Keywords: Indistinguishability Analysis, Side-Channel Analysis, Probing Security, Random Probing Security, Security Verification

Abstract

While masking is a widely used defense against passive side-channel attacks, its secure implementation in hardware continues to be a manual, complex, and error-prone process.

This paper introduces INDIANA, a comprehensive security verification methodology for hardware masking. Our results include a hardware verification tool, enabling a complete analysis of simulation-based security in the glitch-extended probing model and intra-cycle estimations for leakage probabilities in the random probing model. Notably, INDIANA is the first framework to analyze arbitrary masked circuits in both models, even at the scale of full SPN cipher rounds (e.g., AES), while delivering exact verification results. To achieve accurate and comprehensive verification, we propose a partitionable probing distinguisher that allows for fast validation of probe tuples, surpassing current methods that rely on statistical independence. Furthermore, our approach naturally supports extensions to the random probing model by utilizing Fast Fourier-Hadamard Transformations (FHTs).

Benchmark results show that INDIANA competes effectively with leading probing model verification tools, such as ironMask, maskVerif, and VERICA. INDIANA is also the first tool that is capable to provide intra-cycle estimations of random probing leakage probabilities for large-scale masked circuits.