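% Coron, Rondepierre, Zeitoun (TCHES 2018, issue 1): high-order masking of
% look-up tables as a side-channel countermeasure. Per the abstract, the
% security proof is in the ISW probing model under the t-SNI definition
% (n = t+1 shares); the speed-up figures are the authors' reported values.
% Normalized from a reference-manager export: month macro, ASCII page range,
% LaTeX accent escape in the author name, and LaTeX math/emphasis in place of
% HTML <em> tags. "abstractNote" is not a standard field and is ignored by
% standard styles; it is kept under its original name.
@article{Coron_Rondepierre_Zeitoun_2018,
  author       = {Coron, Jean-S{\'e}bastien and Rondepierre, Franck and Zeitoun, Rina},
  title        = {High Order Masking of Look-up Tables with Common Shares},
  journal      = {IACR Transactions on Cryptographic Hardware and Embedded Systems},
  year         = {2018},
  month        = feb,
  volume       = {2018},
  number       = {1},
  pages        = {40--72},
  doi          = {10.13154/tches.v2018.i1.40-72},
  url          = {https://tches.iacr.org/index.php/TCHES/article/view/832},
  abstractNote = {Masking is an effective countermeasure against side-channel attacks. In this paper, we improve the efficiency of the high-order masking of look-up tables countermeasure introduced at Eurocrypt 2014, based on a combination of three techniques, and still with a proof of security in the Ishai-Sahai-Wagner (ISW) probing model. The first technique consists in proving security under the stronger $t$-SNI definition, which enables to use $n = t+1$ shares instead of $n = 2t+1$ against $t$-th order attacks. The second technique consists in progressively incrementing the number of shares within the countermeasure, from a single share to $n$, thereby reducing the complexity of the countermeasure. The third technique consists in adapting the common shares approach introduced by Coron \emph{et al.} at CHES 2016, so that half of a randomized look-up table can be pre-computed for multiple SBoxes. We show that our techniques perform well in practice. In theory, the combination of the three techniques should lead to a factor 10.7 improvement in efficiency, for a large number of shares. For a practical implementation with a reasonable number of shares, we get a 4.8 speed-up factor for AES.},
}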