Loading…
Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes
Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai-Sahai-Wagner scheme, is one of the most acceptable secure models of the existing d th-order masking schemes, w...
Saved in:
Published in: | IEEE transactions on computer-aided design of integrated circuits and systems 2018-12, Vol.37 (12), p.3008-3019 |
---|---|
Main Authors: | , , , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai-Sahai-Wagner scheme, is one of the most acceptable secure models of the existing d th-order masking schemes, where d represents the masking order and plays the role of a security parameter. However, a gap may exist between scheme and design. Several analyses have determined that the glitch has been regarded as the main challenge of masking in hardware designs. A practical method of locating the precise position of leakage points (LPs) in the original hardware design is very rare. Existing research on this glitch mainly focuses on the first-order leakages; however, higher-order analysis can combine several shares to recover the secret key. In this paper, we propose a practical method, sensitive glitch location (SGL) method to locate the less order leakage in hardware design. Specifically, the SGL method can locate any-order of LP in the hardware implementation of d th-order masking schemes. We conducted experiments and verified that the time complexity of SGL on the d th-order masking schemes is {O(nm)} , where m is the number of signals and n is the number of shares in masking scheme. It can therefore be regarded as an efficient tool for the masking designs. In addition, we analyzed the d th-order masking scheme proposed by Rivain and Prouff (2010) along with the SecMult algorithm from the Rivain-Prouff countermeasure, which has been analyzed by our SGL. The experimental results verified that a higher-order leakage may exist in certain hardware designs, even the masking scheme has been proven as a secure countermeasure. To the best of our knowledge, SGL is the first tool that can be used to locate any-order of power/electromagnetic LP in hardware designs. It thus shows the weakness in the original desig |
---|---|
ISSN: | 0278-0070 1937-4151 |
DOI: | 10.1109/TCAD.2018.2789727 |