## CryptoDB

### Paper: Information Leakages in Code-based Masking: A Unified Quantification Approach

Authors: Wei Cheng , LTCI, Télécom Paris, Institut Polytechnique de Paris, Palaiseau, France Sylvain Guilley , Secure-IC S.A.S., Tour Montparnasse (27th floor), Paris, France; LTCI, Télécom Paris, Institut Polytechnique de Paris, Palaiseau, France Claude Carlet , LAGA, Department of Mathematics, University of Paris VIII, Paris, France and University of Bergen, Norway Jean-Luc Danger , LTCI, Télécom Paris, Institut Polytechnique de Paris, Palaiseau, France; Secure-IC S.A.S., Tour Montparnasse (27th floor), Paris, France Sihem Mesnager , Department of Mathematics, University of Paris VIII, F-93526 Saint-Denis, University Sorbonne Paris Cité, LAGA, UMR 7539, CNRS, 93430 Villetaneuse and Telecom Paris, Polytechnic Institute of Paris, 91120 Palaiseau, France DOI: 10.46586/tches.v2021.i3.465-495 URL: https://tches.iacr.org/index.php/TCHES/article/view/8983 Search ePrint Search Google This paper presents a unified approach to quantifying the information leakages in the most general code-based masking schemes. Specifically, by utilizing a uniform representation, we highlight first that all code-based masking schemes’ side-channel resistance can be quantified by an all-in-one framework consisting of two easy-tocompute parameters (the dual distance and the number of conditioned codewords) from a coding-theoretic perspective. In particular, we use signal-to-noise ratio (SNR) and mutual information (MI) as two complementary metrics, where a closed-form expression of SNR and an approximation of MI are proposed by connecting both metrics to the two coding-theoretic parameters. Secondly, considering the connection between Reed-Solomon code and SSS (Shamir’s Secret Sharing) scheme, the SSS-based masking is viewed as a particular case of generalized code-based masking. Hence as a straightforward application, we evaluate the impact of public points on the side-channel security of SSS-based masking schemes, namely the polynomial masking, and enhance the SSS-based masking by choosing optimal public points for it. Interestingly, we show that given a specific security order, more shares in SSS-based masking leak more information on secrets in an information-theoretic sense. Finally, our approach provides a systematic method for optimizing the side-channel resistance of every code-based masking. More precisely, this approach enables us to select optimal linear codes (parameters) for the generalized code-based masking by choosing appropriate codes according to the two coding-theoretic parameters. Summing up, we provide a best-practice guideline for the application of code-based masking to protect cryptographic implementations.
##### BibTeX
@article{tches-2021-31292,
title={Information Leakages in Code-based Masking: A Unified Quantification Approach},
journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
publisher={Ruhr-Universität Bochum},
volume={2021, Issue 3},
pages={465-495},
url={https://tches.iacr.org/index.php/TCHES/article/view/8983},
doi={10.46586/tches.v2021.i3.465-495},
author={Wei Cheng and Sylvain Guilley and Claude Carlet and Jean-Luc Danger and Sihem Mesnager},
year=2021
}