IACR News item: 28 August 2014
Julien Bringer, Claude Carlet, Hervé Chaba
ePrint Report
Those include side-channel and fault injection attacks.
We introduce ODSM, Orthogonal Direct Sum Masking, a new computation paradigm that achieves protection against those two kinds of attacks.
A large vector space is structured as two supplementary orthogonal subspaces.
One subspace (called a code $\mathcal{C}$) is used for the functional computation,
while the second subspace carries random numbers.
As the random numbers are entangled with the sensitive data, ODSM ensures a protection against (monovariate) side-channel attacks.
The random numbers can be checked either occasionally, or globally, thereby ensuring a fine or coarse detection capability.
The security level can be formally detailed:
it is proved that monovariate side-channel attacks of order up to $d_\mathcal{C}-1$, where $d_\mathcal{C}$ is the minimal distance of $\mathcal{C}$, are impossible,
and that any fault of Hamming weight strictly less than $d_\mathcal{C}$ is detected.
A complete instantiation of ODSM is given for AES.
In this case, all monovariate side-channel attacks of order strictly less than $5$ are impossible,
and all fault injections perturbing strictly less than $5$ bits are detected.
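The construction above can be checked on a toy instance. The following Python is an added illustration written for this news item; it is not the authors' code, and the [6,2,3] generator matrix G_EXAMPLE (2 data bits, 4 random bits, minimal distance 3) is an assumption chosen because it is small and satisfies C ∩ C⊥ = {0}, not the [16,8,5] code of the AES instantiation. Function and class names (rref, nullspace, inverse, ODSM, undetected_faults, shares_uniform) are likewise the example's own. The two bounds of the abstract are exercised by exhaustive search: every fault of weight below d_C is caught by the mask check, while a fault equal to a minimum-weight codeword of C passes it, and any d_C - 1 bits of the masked word are uniformly distributed independently of the data, whereas some d_C bits are not.

```python
# Toy ODSM (Orthogonal Direct Sum Masking) over GF(2). Added illustration, not the
# authors' code; G_EXAMPLE is an assumed [6,2,3] LCD code, not the paper's AES code.
from itertools import combinations, product


def rref(rows):
    """Reduced row echelon form over GF(2); returns (matrix, pivot columns)."""
    M = [list(r) for r in rows]
    pivots, r = [], 0
    for c in range(len(M[0])):
        piv = next((i for i in range(r, len(M)) if M[i][c]), None)
        if piv is None:
            continue
        M[r], M[piv] = M[piv], M[r]
        for i in range(len(M)):
            if i != r and M[i][c]:
                M[i] = [a ^ b for a, b in zip(M[i], M[r])]
        pivots.append(c)
        r += 1
    return M, pivots


def nullspace(rows, n):
    """Basis of the dual code {v : v . r = 0 for every row r of `rows`}."""
    R, pivots = rref(rows)
    basis = []
    for f in (c for c in range(n) if c not in pivots):
        v = [0] * n
        v[f] = 1
        for i, p in enumerate(pivots):
            v[p] = R[i][f]          # pivot variable forced by free variable f
        basis.append(tuple(v))
    return basis


def inverse(M):
    """Inverse of a square GF(2) matrix via [M | I] -> [I | M^-1], or None."""
    k = len(M)
    R, pivots = rref([list(M[i]) + [int(i == j) for j in range(k)] for i in range(k)])
    return [tuple(r[k:]) for r in R] if pivots[:k] == list(range(k)) else None


def vecmat(v, M):
    """Row vector times matrix over GF(2)."""
    return tuple(sum(v[i] & M[i][j] for i in range(len(v))) & 1 for j in range(len(M[0])))


class ODSM:
    """F_2^n = C (+) D with D = C-perp: data lives in C, the random mask in D."""

    def __init__(self, G):
        self.G = [tuple(r) for r in G]
        self.k, self.n = len(self.G), len(self.G[0])
        self.H = nullspace(self.G, self.n)        # generator matrix of D = C-perp
        # C and C-perp are supplementary exactly when the stacked [G; H] is invertible.
        self.split = inverse(self.G + self.H)
        if self.split is None:
            raise ValueError("C and C-perp are not supplementary: choose an LCD code")
        # Minimal distance d_C by exhaustive search (k is small in this toy).
        self.d = min(sum(vecmat(x, self.G)) for x in product((0, 1), repeat=self.k) if any(x))

    def encode(self, x, y):
        """Masked word z = xG + yH."""
        return tuple(a ^ b for a, b in zip(vecmat(x, self.G), vecmat(y, self.H)))

    def decode(self, z):
        """Recover (x, y): z [G; H]^-1 projects z onto C and onto C-perp."""
        w = vecmat(z, self.split)
        return w[:self.k], w[self.k:]

    def check(self, z, y):
        """Fault check: the mask part of z must still equal the injected mask y."""
        return self.decode(z)[1] == tuple(y)


def undetected_faults(odsm, max_weight):
    """Faults e, 1 <= wt(e) <= max_weight, that pass check() for some (x, y)."""
    xs = list(product((0, 1), repeat=odsm.k))
    ys = list(product((0, 1), repeat=odsm.n - odsm.k))
    faults = [tuple(int(i in s) for i in range(odsm.n))
              for w in range(1, max_weight + 1) for s in combinations(range(odsm.n), w)]
    return [e for e in faults
            if any(odsm.check(tuple(a ^ b for a, b in zip(odsm.encode(x, y), e)), y)
                   for x in xs for y in ys)]


def shares_uniform(odsm, order):
    """True iff every `order` coordinates of z are jointly uniform for each fixed x
    when y is uniform, i.e. they reveal nothing about x (no attack of that order)."""
    ys = list(product((0, 1), repeat=odsm.n - odsm.k))
    for x in product((0, 1), repeat=odsm.k):
        for S in combinations(range(odsm.n), order):
            seen = [tuple(odsm.encode(x, y)[i] for i in S) for y in ys]
            if any(seen.count(p) != len(ys) // 2 ** order for p in product((0, 1), repeat=order)):
                return False
    return True


# Assumed [6,2,3] LCD code: codewords 111100, 111011, 000111, so d_C = 3.
G_EXAMPLE = [(1, 1, 1, 1, 0, 0), (1, 1, 1, 0, 1, 1)]
```

With G_EXAMPLE, ODSM(G_EXAMPLE).d is 3, undetected_faults(odsm, 2) is empty, undetected_faults(odsm, 3) contains only the weight-3 codeword 000111, shares_uniform(odsm, 2) holds and shares_uniform(odsm, 3) does not. The undetected fault is exactly a nonzero element of C: it changes the data without touching the mask, which is why detection is bounded by d_C and why the [16,8,5] AES instantiation stops at 4-bit faults and fourth-order attacks.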
Additional news items may be found on the IACR news page.