International Association for Cryptologic Research

International Association
for Cryptologic Research


Masking in Fine-Grained Leakage Models: Construction, Implementation and Verification

Gilles Barthe , MPI-SP, Germany; IMDEA Software Institute, Spain
Marc Gourjon , Hamburg University of Technology, Germany; NXP Semiconductors, Germany
Benjamin Grégoire , Inria, France
Maximilian Orlt , TU Darmstadt, Germany
Clara Paglialonga , TU Darmstadt, Germany
Lars Porth , TU Darmstadt, Germany
DOI: 10.46586/tches.v2021.i2.189-228
Search ePrint
Search Google
Abstract: We propose a new approach for building efficient, provably secure, and practically hardened implementations of masked algorithms. Our approach is based on a Domain Specific Language in which users can write efficient assembly implementations and fine-grained leakage models. The latter are then used as a basis for formal verification, allowing for the first time formal guarantees for a broad range of device-specific leakage effects not addressed by prior work. The practical benefits of our approach are demonstrated through a case study of the PRESENT S-Box: we develop a highly optimized and provably secure masked implementation, and show through practical evaluation based on TVLA that our implementation is practically resilient. Our approach significantly narrows the gap between formal verification of masking and practical security.
Video from TCHES 2021
  title={Masking in Fine-Grained Leakage Models: Construction, Implementation and Verification},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2021, Issue 2},
  author={Gilles Barthe and Marc Gourjon and Benjamin Grégoire and Maximilian Orlt and Clara Paglialonga and Lars Porth},