International Association for Cryptologic Research
Information Leakages in Code-based Masking: A Unified Quantification Approach

Authors:
Wei Cheng , LTCI, Télécom Paris, Institut Polytechnique de Paris, Palaiseau, France
Sylvain Guilley , Secure-IC S.A.S., Tour Montparnasse (27th floor), Paris, France; LTCI, Télécom Paris, Institut Polytechnique de Paris, Palaiseau, France
Claude Carlet , LAGA, Department of Mathematics, University of Paris VIII, Paris, France and University of Bergen, Norway
Jean-Luc Danger , LTCI, Télécom Paris, Institut Polytechnique de Paris, Palaiseau, France; Secure-IC S.A.S., Tour Montparnasse (27th floor), Paris, France
Sihem Mesnager , Department of Mathematics, University of Paris VIII, F-93526 Saint-Denis, University Sorbonne Paris Cité, LAGA, UMR 7539, CNRS, 93430 Villetaneuse and Telecom Paris, Polytechnic Institute of Paris, 91120 Palaiseau, France
Download:
DOI: 10.46586/tches.v2021.i3.465-495
URL: https://tches.iacr.org/index.php/TCHES/article/view/8983
Abstract: This paper presents a unified approach to quantifying the information leakages in the most general code-based masking schemes. Specifically, by utilizing a uniform representation, we highlight first that all code-based masking schemes' side-channel resistance can be quantified by an all-in-one framework consisting of two easy-to-compute parameters (the dual distance and the number of conditioned codewords) from a coding-theoretic perspective. In particular, we use signal-to-noise ratio (SNR) and mutual information (MI) as two complementary metrics, where a closed-form expression of SNR and an approximation of MI are proposed by connecting both metrics to the two coding-theoretic parameters. Secondly, considering the connection between Reed-Solomon codes and the SSS (Shamir's Secret Sharing) scheme, SSS-based masking is viewed as a particular case of generalized code-based masking. Hence, as a straightforward application, we evaluate the impact of public points on the side-channel security of SSS-based masking schemes, namely polynomial masking, and enhance SSS-based masking by choosing optimal public points for it. Interestingly, we show that, for a given security order, more shares in SSS-based masking leak more information on the secrets in an information-theoretic sense. Finally, our approach provides a systematic method for optimizing the side-channel resistance of every code-based masking scheme. More precisely, this approach enables us to select optimal linear codes (parameters) for generalized code-based masking by choosing appropriate codes according to the two coding-theoretic parameters. Summing up, we provide a best-practice guideline for the application of code-based masking to protect cryptographic implementations.
Video from TCHES 2021
BibTeX
@article{tches-2021-31292,
  title={Information Leakages in Code-based Masking: A Unified Quantification Approach},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2021, Issue 3},
  pages={465-495},
  url={https://tches.iacr.org/index.php/TCHES/article/view/8983},
  doi={10.46586/tches.v2021.i3.465-495},
  author={Wei Cheng and Sylvain Guilley and Claude Carlet and Jean-Luc Danger and Sihem Mesnager},
  year=2021
}