International Association for Cryptologic Research

Transactions on Cryptographic Hardware and Embedded Systems, Volume 2022

On Efficient and Secure Code-based Masking: A Pragmatic Evaluation


Qianmei Wu
Polytechnic institute, Zhejiang University

Wei Cheng
LTCI, Télécom Paris, Institut Polytechnique de Paris, 91120, Palaiseau, France

Sylvain Guilley
Secure-IC S.A.S., 75015, Paris, France; LTCI, Télécom Paris, Institut Polytechnique de Paris, 91120, Palaiseau, France

Fan Zhang
Institute of Cyber Science and Technology, College of Computer Science and Technology, Zhejiang University

Wei Fu
ANT GROUP


Keywords: Side-Channel Analysis, Code-based Masking, Efficient Implementation, Security Evaluation, Inner Product Masking, Redundant Sharing


Abstract

Code-based masking is a highly generalized type of masking scheme, which can be instantiated into specific cases by assigning different encoders. It is attractive for its side-channel resistance against higher-order attacks and its potential to withstand fault injection attacks. However, like other algebraically involved masking schemes, code-based masking carries expensive computational overhead. To mitigate this cost, we contribute several improvements to the original scheme proposed by Wang et al. in TCHES 2020. Specifically, we devise a computationally friendly encoder and accelerate the masked gadgets accordingly to enable efficient implementations. In addition, we highlight that the amortization technique introduced by Wang et al. does not always lead to efficient implementations as expected, but actually decreases efficiency in some cases.
From the perspective of practical security, we carry out an extensive evaluation of the concrete security of code-based masking in the real world. On the one hand, we select three representative variations of code-based masking as targets for an extensive evaluation. On the other hand, we assess the security of both the encoding and the computations to investigate whether the state-of-the-art computational framework for code-based masking reaches the security of the corresponding encoding. By leveraging both a leakage assessment tool and side-channel attacks, we verify the existence of “security order amplification” in practice and validate the reliability of the leakage quantification method proposed by Cheng et al. in TCHES 2021. In addition, we study the security decrease caused by the “cost amortization” technique and by the redundancy of code-based masking. We identify a security bottleneck in the gadget computations which limits the whole masked implementation. To the best of our knowledge, this is the first work that narrows the gap between the theoretical security order under the probing model (sometimes with simulation experiments) and the concrete side-channel security level of implementations protected by code-based masking in practice.

Publication

Transactions on Cryptographic Hardware and Embedded Systems, Volume 2022, Issue 3

Artifact

Artifact number
tches/2022/a14

Artifact published
October 25, 2022

How to cite

Wu, Q., Cheng, W., Guilley, S., Zhang, F., & Fu, W. (2022). On Efficient and Secure Code-based Masking: A Pragmatic Evaluation. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2022(3), 192–222. https://doi.org/10.46586/tches.v2022.i3.192-222. Artifact available at https://artifacts.iacr.org/tches/2022/a14