M&M: Masks and Macs against Physical Attacks

Authors

  • Lauren De Meyer KU Leuven, imec - COSIC
  • Victor Arribas KU Leuven, imec - COSIC
  • Svetla Nikova KU Leuven, imec - COSIC
  • Ventzislav Nikov NXP Semiconductors
  • Vincent Rijmen KU Leuven, imec - COSIC

DOI:

https://doi.org/10.13154/tches.v2019.i1.25-50

Abstract

Cryptographic implementations on embedded systems need to be protected against physical attacks. Today, this means that apart from incorporating countermeasures against side-channel analysis, implementations must also withstand fault attacks and combined attacks. Recent proposals in this area have shown that there is a big tradeoff between the implementation cost and the strength of the adversary model. In this work, we introduce a new combined countermeasure M&M that combines Masking with information-theoretic MAC tags and infective computation. It works in a stronger adversary model than the existing scheme ParTI, yet is a lot less costly to implement than the provably secure MPC-based scheme CAPA. We demonstrate M&M with a SCA- and DFA-secure implementation of the AES block cipher. We evaluate the side-channel leakage of the second-order secure design with a non-specific t-test and use simulation to validate the fault resistance.

Downloads

Published

2018-11-09

How to Cite

De Meyer, L., Arribas, V., Nikova, S., Nikov, V., & Rijmen, V. (2018). M&M: Masks and Macs against Physical Attacks. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019(1), 25–50. https://doi.org/10.13154/tches.v2019.i1.25-50

Issue

Volume 2019, Issue 1

Section

Articles

License

Copyright (c) 2018 Lauren De Meyer, Victor Arribas, Svetla Nikova, Ventzislav Nikov, Vincent Rijmen

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.