Extending Glitch-Free Multiparty Protocols to Resist Fault Injection Attacks

Authors

  • Okan Seker University of Lübeck
  • Abraham Fernandez-Rubio Intel
  • Thomas Eisenbarth University of Lübeck, Germany; Worcester Polytechnic Institute
  • Rainer Steinwandt Florida Atlantic University

DOI:

https://doi.org/10.13154/tches.v2018.i3.394-430

Keywords:

Secure multiparty computation, Side-channel analysis, Fault attacks, Polynomial Masking, ARM

Abstract

Side channel analysis and fault attacks are two powerful methods to analyze and break cryptographic implementations. At CHES 2011, Roche and Prouff applied secure multiparty computation to prevent side-channel attacks. While multiparty computation is known to be fault-resistant as well, the particular scheme used for side-channel protection does not currently offer this feature. This work introduces a new secure multiparty circuit to prevent both fault injection attacks and sidechannel analysis. The new scheme extends the Roche and Prouff scheme to make faults detectable. Arithmetic operations have been redesigned to propagate fault information until a new secrecy-preserving fault detection can be performed. A new recombination operation ensures randomization of the output in the case of a fault, ensuring that nothing can be learned from the faulty output. The security of the new scheme is proved in the ISW probing model, using the reformulated t-SNI security notion. Besides the new scheme and its security proof, we also present an extensive performance analysis, including a proof-of-concept, software-based AES implementation featuring the masking technique to resist both fault and side-channel attacks at the same time. The performance analysis for different security levels are given for the ARM-M0+ MCU with its memory requirements. A comprehensive leakage analysis shows that a careful implementation of the scheme achieves the expected security level.

Published

2018-08-16

Issue

Section

Articles

How to Cite

Extending Glitch-Free Multiparty Protocols to Resist Fault Injection Attacks. (2018). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2018(3), 394-430. https://doi.org/10.13154/tches.v2018.i3.394-430