Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes

Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai-Sahai-Wagner scheme, is one of the most acceptable secure models of the existing d th-order masking schemes, w...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on computer-aided design of integrated circuits and systems 2018-12, Vol.37 (12), p.3008-3019
Main Authors: Ming, Tang, Yanbin, Li, Dongyan, Zhao, Yuguang, Li, Fei, Yan, Huanguo, Zhang
Format: Article
Language:English
Subjects:
<italic xmlns:ali="http://www.niso.org/schemas/ali/1.0/" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">d th-order masking schemes
Algorithm design and analysis
Design
Electronic mail
field-programmable gate array (FPGA)
Hardware
hardware implementation
Integrated circuit modeling
Leakage
Masking
practical security
Security
Semiconductor device modeling
side-channel attack (SCA)
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c293t-c803f94682e1dad97603bd357e414d0c4d8ee47baf069060abf2939fd9a000853
cites cdi_FETCH-LOGICAL-c293t-c803f94682e1dad97603bd357e414d0c4d8ee47baf069060abf2939fd9a000853
container_end_page 3019
container_issue 12
container_start_page 3008
container_title IEEE transactions on computer-aided design of integrated circuits and systems
container_volume 37
creator Ming, Tang
Yanbin, Li
Dongyan, Zhao
Yuguang, Li
Fei, Yan
Huanguo, Zhang
description Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai-Sahai-Wagner scheme, is one of the most acceptable secure models of the existing d th-order masking schemes, where d represents the masking order and plays the role of a security parameter. However, a gap may exist between scheme and design. Several analyses have determined that the glitch has been regarded as the main challenge of masking in hardware designs. A practical method of locating the precise position of leakage points (LPs) in the original hardware design is very rare. Existing research on this glitch mainly focuses on the first-order leakages; however, higher-order analysis can combine several shares to recover the secret key. In this paper, we propose a practical method, sensitive glitch location (SGL) method to locate the less order leakage in hardware design. Specifically, the SGL method can locate any-order of LP in the hardware implementation of d th-order masking schemes. We conducted experiments and verified that the time complexity of SGL on the d th-order masking schemes is {O(nm)} , where m is the number of signals and n is the number of shares in masking scheme. It can therefore be regarded as an efficient tool for the masking designs. In addition, we analyzed the d th-order masking scheme proposed by Rivain and Prouff (2010) along with the SecMult algorithm from the Rivain-Prouff countermeasure, which has been analyzed by our SGL. The experimental results verified that a higher-order leakage may exist in certain hardware designs, even the masking scheme has been proven as a secure countermeasure. To the best of our knowledge, SGL is the first tool that can be used to locate any-order of power/electromagnetic LP in hardware designs. It thus shows the weakness in the original desig
doi_str_mv 10.1109/TCAD.2018.2789727
format article
fullrecord <record><control><sourceid>proquest_ieee_</sourceid><recordid>TN_cdi_ieee_primary_8246545</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>8246545</ieee_id><sourcerecordid>2137586397</sourcerecordid><originalsourceid>FETCH-LOGICAL-c293t-c803f94682e1dad97603bd357e414d0c4d8ee47baf069060abf2939fd9a000853</originalsourceid><addsrcrecordid>eNo9kFtLwzAUgIMoOKc_QHwJ-Nx5cmmTPI552aAywfkcsuZ06y7tTDrEf2_Lhk-Bk-87Bz5C7hmMGAPztJiMn0ccmB5xpY3i6oIMmBEqkSxll2QA3TgBUHBNbmLcADCZcjMg8xzdln40Vd3SvClcW9UrWtV06oL_cQHpbH_Y4R7rtvtq6kibkk6r1RpDMg8eA313cds7n8W6w-ItuSrdLuLd-R2Sr9eXxWSa5PO32WScJwU3ok0KDaI0MtMcmXfeqAzE0otUoWTSQyG9RpRq6UrIDGTglmXnmdIbBwA6FUPyeNp7CM33EWNrN80x1N1Jy5lQqc6EUR3FTlQRmhgDlvYQqr0Lv5aB7bvZvpvtu9lzt855ODkVIv7zmssslan4A-6FaFc</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2137586397</pqid></control><display><type>article</type><title>Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes</title><source>IEEE Xplore (Online service)</source><creator>Ming, Tang ; Yanbin, Li ; Dongyan, Zhao ; Yuguang, Li ; Fei, Yan ; Huanguo, Zhang</creator><creatorcontrib>Ming, Tang ; Yanbin, Li ; Dongyan, Zhao ; Yuguang, Li ; Fei, Yan ; Huanguo, Zhang</creatorcontrib><description><![CDATA[Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai-Sahai-Wagner scheme, is one of the most acceptable secure models of the existing <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes, where <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula> represents the masking order and plays the role of a security parameter. However, a gap may exist between scheme and design. Several analyses have determined that the glitch has been regarded as the main challenge of masking in hardware designs. A practical method of locating the precise position of leakage points (LPs) in the original hardware design is very rare. Existing research on this glitch mainly focuses on the first-order leakages; however, higher-order analysis can combine several shares to recover the secret key. In this paper, we propose a practical method, sensitive glitch location (SGL) method to locate the less order leakage in hardware design. Specifically, the SGL method can locate any-order of LP in the hardware implementation of <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes. We conducted experiments and verified that the time complexity of SGL on the <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes is <inline-formula> <tex-math notation="LaTeX">{O(nm)} </tex-math></inline-formula>, where <inline-formula> <tex-math notation="LaTeX">m </tex-math></inline-formula> is the number of signals and <inline-formula> <tex-math notation="LaTeX">n </tex-math></inline-formula> is the number of shares in masking scheme. It can therefore be regarded as an efficient tool for the masking designs. In addition, we analyzed the <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking scheme proposed by Rivain and Prouff (2010) along with the SecMult algorithm from the Rivain-Prouff countermeasure, which has been analyzed by our SGL. The experimental results verified that a higher-order leakage may exist in certain hardware designs, even the masking scheme has been proven as a secure countermeasure. To the best of our knowledge, SGL is the first tool that can be used to locate any-order of power/electromagnetic LP in hardware designs. It thus shows the weakness in the original design file of hardware implementations. This property can help designers directly improve the real security of the designs. Moreover, SGL returns the path of the leakages, which can elucidate the original cause and propagation of the weakness.]]></description><identifier>ISSN: 0278-0070</identifier><identifier>EISSN: 1937-4151</identifier><identifier>DOI: 10.1109/TCAD.2018.2789727</identifier><identifier>CODEN: ITCSDI</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>&lt;italic xmlns:ali="http://www.niso.org/schemas/ali/1.0/" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"&gt;d th-order masking schemes ; Algorithm design and analysis ; Design ; Electronic mail ; field-programmable gate array (FPGA) ; Hardware ; hardware implementation ; Integrated circuit modeling ; Leakage ; Masking ; practical security ; Security ; Semiconductor device modeling ; side-channel attack (SCA)</subject><ispartof>IEEE transactions on computer-aided design of integrated circuits and systems, 2018-12, Vol.37 (12), p.3008-3019</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2018</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c293t-c803f94682e1dad97603bd357e414d0c4d8ee47baf069060abf2939fd9a000853</citedby><cites>FETCH-LOGICAL-c293t-c803f94682e1dad97603bd357e414d0c4d8ee47baf069060abf2939fd9a000853</cites><orcidid>0000-0001-7151-9270 ; 0000-0003-2218-0164 ; 0000-0003-0492-3278</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8246545$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,27924,27925,54796</link.rule.ids></links><search><creatorcontrib>Ming, Tang</creatorcontrib><creatorcontrib>Yanbin, Li</creatorcontrib><creatorcontrib>Dongyan, Zhao</creatorcontrib><creatorcontrib>Yuguang, Li</creatorcontrib><creatorcontrib>Fei, Yan</creatorcontrib><creatorcontrib>Huanguo, Zhang</creatorcontrib><title>Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes</title><title>IEEE transactions on computer-aided design of integrated circuits and systems</title><addtitle>TCAD</addtitle><description><![CDATA[Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai-Sahai-Wagner scheme, is one of the most acceptable secure models of the existing <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes, where <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula> represents the masking order and plays the role of a security parameter. However, a gap may exist between scheme and design. Several analyses have determined that the glitch has been regarded as the main challenge of masking in hardware designs. A practical method of locating the precise position of leakage points (LPs) in the original hardware design is very rare. Existing research on this glitch mainly focuses on the first-order leakages; however, higher-order analysis can combine several shares to recover the secret key. In this paper, we propose a practical method, sensitive glitch location (SGL) method to locate the less order leakage in hardware design. Specifically, the SGL method can locate any-order of LP in the hardware implementation of <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes. We conducted experiments and verified that the time complexity of SGL on the <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes is <inline-formula> <tex-math notation="LaTeX">{O(nm)} </tex-math></inline-formula>, where <inline-formula> <tex-math notation="LaTeX">m </tex-math></inline-formula> is the number of signals and <inline-formula> <tex-math notation="LaTeX">n </tex-math></inline-formula> is the number of shares in masking scheme. It can therefore be regarded as an efficient tool for the masking designs. In addition, we analyzed the <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking scheme proposed by Rivain and Prouff (2010) along with the SecMult algorithm from the Rivain-Prouff countermeasure, which has been analyzed by our SGL. The experimental results verified that a higher-order leakage may exist in certain hardware designs, even the masking scheme has been proven as a secure countermeasure. To the best of our knowledge, SGL is the first tool that can be used to locate any-order of power/electromagnetic LP in hardware designs. It thus shows the weakness in the original design file of hardware implementations. This property can help designers directly improve the real security of the designs. Moreover, SGL returns the path of the leakages, which can elucidate the original cause and propagation of the weakness.]]></description><subject>&lt;italic xmlns:ali="http://www.niso.org/schemas/ali/1.0/" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"&gt;d th-order masking schemes</subject><subject>Algorithm design and analysis</subject><subject>Design</subject><subject>Electronic mail</subject><subject>field-programmable gate array (FPGA)</subject><subject>Hardware</subject><subject>hardware implementation</subject><subject>Integrated circuit modeling</subject><subject>Leakage</subject><subject>Masking</subject><subject>practical security</subject><subject>Security</subject><subject>Semiconductor device modeling</subject><subject>side-channel attack (SCA)</subject><issn>0278-0070</issn><issn>1937-4151</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2018</creationdate><recordtype>article</recordtype><recordid>eNo9kFtLwzAUgIMoOKc_QHwJ-Nx5cmmTPI552aAywfkcsuZ06y7tTDrEf2_Lhk-Bk-87Bz5C7hmMGAPztJiMn0ccmB5xpY3i6oIMmBEqkSxll2QA3TgBUHBNbmLcADCZcjMg8xzdln40Vd3SvClcW9UrWtV06oL_cQHpbH_Y4R7rtvtq6kibkk6r1RpDMg8eA313cds7n8W6w-ItuSrdLuLd-R2Sr9eXxWSa5PO32WScJwU3ok0KDaI0MtMcmXfeqAzE0otUoWTSQyG9RpRq6UrIDGTglmXnmdIbBwA6FUPyeNp7CM33EWNrN80x1N1Jy5lQqc6EUR3FTlQRmhgDlvYQqr0Lv5aB7bvZvpvtu9lzt855ODkVIv7zmssslan4A-6FaFc</recordid><startdate>20181201</startdate><enddate>20181201</enddate><creator>Ming, Tang</creator><creator>Yanbin, Li</creator><creator>Dongyan, Zhao</creator><creator>Yuguang, Li</creator><creator>Fei, Yan</creator><creator>Huanguo, Zhang</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0001-7151-9270</orcidid><orcidid>https://orcid.org/0000-0003-2218-0164</orcidid><orcidid>https://orcid.org/0000-0003-0492-3278</orcidid></search><sort><creationdate>20181201</creationdate><title>Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes</title><author>Ming, Tang ; Yanbin, Li ; Dongyan, Zhao ; Yuguang, Li ; Fei, Yan ; Huanguo, Zhang</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c293t-c803f94682e1dad97603bd357e414d0c4d8ee47baf069060abf2939fd9a000853</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2018</creationdate><topic>&lt;italic xmlns:ali="http://www.niso.org/schemas/ali/1.0/" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"&gt;d th-order masking schemes</topic><topic>Algorithm design and analysis</topic><topic>Design</topic><topic>Electronic mail</topic><topic>field-programmable gate array (FPGA)</topic><topic>Hardware</topic><topic>hardware implementation</topic><topic>Integrated circuit modeling</topic><topic>Leakage</topic><topic>Masking</topic><topic>practical security</topic><topic>Security</topic><topic>Semiconductor device modeling</topic><topic>side-channel attack (SCA)</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Ming, Tang</creatorcontrib><creatorcontrib>Yanbin, Li</creatorcontrib><creatorcontrib>Dongyan, Zhao</creatorcontrib><creatorcontrib>Yuguang, Li</creatorcontrib><creatorcontrib>Fei, Yan</creatorcontrib><creatorcontrib>Huanguo, Zhang</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Xplore (Online service)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE transactions on computer-aided design of integrated circuits and systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Ming, Tang</au><au>Yanbin, Li</au><au>Dongyan, Zhao</au><au>Yuguang, Li</au><au>Fei, Yan</au><au>Huanguo, Zhang</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes</atitle><jtitle>IEEE transactions on computer-aided design of integrated circuits and systems</jtitle><stitle>TCAD</stitle><date>2018-12-01</date><risdate>2018</risdate><volume>37</volume><issue>12</issue><spage>3008</spage><epage>3019</epage><pages>3008-3019</pages><issn>0278-0070</issn><eissn>1937-4151</eissn><coden>ITCSDI</coden><abstract><![CDATA[Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai-Sahai-Wagner scheme, is one of the most acceptable secure models of the existing <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes, where <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula> represents the masking order and plays the role of a security parameter. However, a gap may exist between scheme and design. Several analyses have determined that the glitch has been regarded as the main challenge of masking in hardware designs. A practical method of locating the precise position of leakage points (LPs) in the original hardware design is very rare. Existing research on this glitch mainly focuses on the first-order leakages; however, higher-order analysis can combine several shares to recover the secret key. In this paper, we propose a practical method, sensitive glitch location (SGL) method to locate the less order leakage in hardware design. Specifically, the SGL method can locate any-order of LP in the hardware implementation of <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes. We conducted experiments and verified that the time complexity of SGL on the <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking schemes is <inline-formula> <tex-math notation="LaTeX">{O(nm)} </tex-math></inline-formula>, where <inline-formula> <tex-math notation="LaTeX">m </tex-math></inline-formula> is the number of signals and <inline-formula> <tex-math notation="LaTeX">n </tex-math></inline-formula> is the number of shares in masking scheme. It can therefore be regarded as an efficient tool for the masking designs. In addition, we analyzed the <inline-formula> <tex-math notation="LaTeX">d </tex-math></inline-formula>th-order masking scheme proposed by Rivain and Prouff (2010) along with the SecMult algorithm from the Rivain-Prouff countermeasure, which has been analyzed by our SGL. The experimental results verified that a higher-order leakage may exist in certain hardware designs, even the masking scheme has been proven as a secure countermeasure. To the best of our knowledge, SGL is the first tool that can be used to locate any-order of power/electromagnetic LP in hardware designs. It thus shows the weakness in the original design file of hardware implementations. This property can help designers directly improve the real security of the designs. Moreover, SGL returns the path of the leakages, which can elucidate the original cause and propagation of the weakness.]]></abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TCAD.2018.2789727</doi><tpages>12</tpages><orcidid>https://orcid.org/0000-0001-7151-9270</orcidid><orcidid>https://orcid.org/0000-0003-2218-0164</orcidid><orcidid>https://orcid.org/0000-0003-0492-3278</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 0278-0070
ispartof IEEE transactions on computer-aided design of integrated circuits and systems, 2018-12, Vol.37 (12), p.3008-3019
issn 0278-0070
1937-4151
language eng
recordid cdi_ieee_primary_8246545
source IEEE Xplore (Online service)
subjects <italic xmlns:ali="http://www.niso.org/schemas/ali/1.0/" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">d th-order masking schemes
Algorithm design and analysis
Design
Electronic mail
field-programmable gate array (FPGA)
Hardware
hardware implementation
Integrated circuit modeling
Leakage
Masking
practical security
Security
Semiconductor device modeling
side-channel attack (SCA)
title Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-21T13%3A29%3A45IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ieee_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Leak%20Point%20Locating%20in%20Hardware%20Implementations%20of%20Higher-Order%20Masking%20Schemes&rft.jtitle=IEEE%20transactions%20on%20computer-aided%20design%20of%20integrated%20circuits%20and%20systems&rft.au=Ming,%20Tang&rft.date=2018-12-01&rft.volume=37&rft.issue=12&rft.spage=3008&rft.epage=3019&rft.pages=3008-3019&rft.issn=0278-0070&rft.eissn=1937-4151&rft.coden=ITCSDI&rft_id=info:doi/10.1109/TCAD.2018.2789727&rft_dat=%3Cproquest_ieee_%3E2137586397%3C/proquest_ieee_%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c293t-c803f94682e1dad97603bd357e414d0c4d8ee47baf069060abf2939fd9a000853%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2137586397&rft_id=info:pmid/&rft_ieee_id=8246545&rfr_iscdi=true