Transactions on Cryptographic Hardware and Embedded Systems 2025
mid-pSquare:
Leveraging the Strong Side-Channel Security of Prime-Field Masking in Software
Brieuc Balon
Crypto Group, ICTEAM Institute, UCLouvain, Louvain-la-Neuve, Belgium
Lorenzo Grassi
Eindhoven University of Technology, Eindhoven, The Netherlands
Pierrick Méaux
Luxembourg University, Esch-sur-Alzette, Luxembourg
Thorben Moos
Crypto Group, ICTEAM Institute, UCLouvain, Louvain-la-Neuve, Belgium
François-Xavier Standaert
Crypto Group, ICTEAM Institute, UCLouvain, Louvain-la-Neuve, Belgium
Matthias Johann Steiner
Alpen-Adria-Universität Klagenfurt, Klagenfurt am Wörthersee, Austria
Keywords: Side-Channel Attacks, Prime Ciphers, Software Masking
Abstract
Efficiently protecting embedded software implementations of standard symmetric cryptographic primitives against side-channel attacks has been shown to be a considerable challenge in practice. This is, in part, due to the most natural countermeasure for such ciphers, namely Boolean masking, not amplifying security well in the absence of sufficient physical noise in the measurements. So-called primefield masking has been demonstrated to provide improved theoretical guarantees in this context, and the Feistel for Prime Masking (FPM) family of Tweakable Block Ciphers (TBCs) has been recently introduced by Grassi et al. (Eurocrypt’24) to efficiently leverage these advantages. However, it was so far only instantiated for and empirically evaluated in a hardware implementation context, by using a small (7-bit) prime modulus.In this paper, we build on the theoretical incentive to increase the prime field size to obtain improved side-channel (Faust et al., Eurocrypt’24) and fault (Moos et al., CHES’24) resistance, as well as on the practical incentive to instantiate an FPM instance with optimized performance on 32-bit software platforms. We introduce mid-pSquare for this purpose, a lightweight TBC operating over a 31-bit Mersenne prime field. We first provide an in-depth black-box security analysis with a particular focus on algebraic attacks – which, contrary to the cryptanalysis of instances over smaller primes, are more powerful than statistical ones in our setting. We also design a strong tweak schedule to account for potential related-tweak algebraic attacks which, so far, are almost unknown in the literature. We then demonstrate that mid-pSquare implementations deliver very competitive performance results on the target platform compared to analogous binary TBCs regardless of masked or unmasked implementation (we use fix-sliced SKINNY for our comparisons). Finally, we experimentally establish the side-channel security improvements that masked mid-pSquare can lead to, reaching unmatched resistance to profiled horizontal attacks on lightweight 32-bit processors (ARM Cortex-M4).
Publication
IACR Transactions on Cryptographic Hardware and Embedded Systems, Volume 2025, Issue 4
PaperArtifact
Artifact number
tches/2025/a55
Artifact published
January 30, 2026
Badge
✅ IACR CHES Artifacts Available
License
This work is licensed under the MIT License.
Note that license information is supplied by the authors and has not been confirmed by the IACR.
BibTeX How to cite
Brieuc Balon, Lorenzo Grassi, Pierrick Méaux, Thorben Moos, François-Xavier Standaert, Matthias Johann Steiner. (2025). mid-pSquare: Leveraging the Strong Side-Channel Security of Prime-Field Masking in Software. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2025(4), 486–519. https://doi.org/10.46586/tches.v2025.i4.486-519. Artifact at https://artifacts.iacr.org/tches/2025/a55.