Abstract

With an increasing number of mobile devices and their high accessibility, protecting the implementation of cryptographic functions in the presence of physical adversaries has become more relevant than ever. Over the last decade, a lion’s share of research in this area has been dedicated to developing countermeasures at an algorithmic level. Here, masking has proven to be a promising approach due to the possibility of formally proving the implementation’s security solely based on its algorithmic description by elegantly modeling the circuit behavior. Theoretically verifying the security of masked circuits becomes more and more challenging with increasing circuit complexity. This motivated the introduction of security notions that enable masking of single gates while still guaranteeing the security when the masked gates are composed. Systematic approaches to generate these masked gates – commonly referred to as gadgets – were restricted to very simple gates like 2-input AND gates. Simply substituting such small gates by a secure gadget usually leads to a large overhead in terms of fresh randomness and additional latency (register stages) being introduced to the design. In this work, we address these problems by presenting a generic framework to construct trivially composable and secure hardware gadgets for arbitrary vectorial Boolean functions, enabling the transformation of much larger sub-circuits into gadgets. In particular, we present a design methodology to generate first-order secure masked gadgets which is well-suited for integration into existing Electronic Design Automation (EDA) tools for automated hardware masking as only the Boolean function expression is required. Furthermore, we practically verify our findings by conducting several case studies and show that our methodology outperforms various other masking schemes in terms of introduced latency or fresh randomness – especially for large circuits.
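As an added illustration of the first-order probing check the abstract refers to (this is not code from the paper and not its gadget construction), the script below builds the classic Boolean-masked 2-input AND gadget with one fresh random bit, enumerates every internal wire an adversary could probe, and verifies that each wire's distribution is independent of the unmasked inputs; it also shows that dropping the fresh randomness makes the output shares leak. Wire names and the `refresh` switch are this example's own.

```python
import itertools
from collections import Counter

def and_gadget(a0, a1, b0, b1, r, refresh=True):
    """First-order Boolean-masked AND on shares a = a0 ^ a1, b = b0 ^ b1.
    Returns every probe-able wire (partial products, refreshed cross terms,
    output shares). With refresh=True the cross-domain terms are blinded by the
    fresh bit r; in hardware a register stage would sit after the refresh."""
    w = {"a0b0": a0 & b0, "a1b1": a1 & b1, "a0b1": a0 & b1, "a1b0": a1 & b0}
    mask = r if refresh else 0              # refresh=False: no fresh randomness
    w["a0b1_r"] = w["a0b1"] ^ mask          # registered before recombination
    w["a1b0_r"] = w["a1b0"] ^ mask
    w["c0"] = w["a0b0"] ^ w["a0b1_r"]       # output share 0
    w["c1"] = w["a1b1"] ^ w["a1b0_r"]       # output share 1
    return w

def gadget_is_correct(refresh=True):
    """Functional check: the output shares always recombine to a AND b."""
    for a0, a1, b0, b1, r in itertools.product((0, 1), repeat=5):
        w = and_gadget(a0, a1, b0, b1, r, refresh)
        if (w["c0"] ^ w["c1"]) != ((a0 ^ a1) & (b0 ^ b1)):
            return False
    return True

def first_order_leaking_wires(refresh=True):
    """Exhaustive first-order probing check: for each wire, compare its value
    distribution (over uniform shares and randomness) across the four secret
    inputs (a, b). A wire leaks if the distributions differ for some secrets."""
    dists = {}  # wire name -> {(a, b): Counter of wire values}
    for a, b in itertools.product((0, 1), repeat=2):
        for a0, b0, r in itertools.product((0, 1), repeat=3):
            a1, b1 = a ^ a0, b ^ b0            # second share fixed by the secret
            for name, val in and_gadget(a0, a1, b0, b1, r, refresh).items():
                dists.setdefault(name, {}).setdefault((a, b), Counter())[val] += 1
    leaking = []
    for name, per_secret in dists.items():
        shapes = {tuple(sorted(c.items())) for c in per_secret.values()}
        if len(shapes) > 1:                    # distribution depends on (a, b)
            leaking.append(name)
    return sorted(leaking)

if __name__ == "__main__":
    print("correct:", gadget_is_correct())
    print("leaking wires with refresh:", first_order_leaking_wires(True))
    print("leaking wires without refresh:", first_order_leaking_wires(False))
```

Without the fresh bit the output shares collapse to a0·b and a1·b, whose distributions reveal b, which is exactly the fresh-randomness cost the abstract discusses when small gates are replaced gate by gate.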

Highlights

  • Even though Side-Channel Analysis (SCA) has been studied extensively by academic and industrial researchers, secure implementation of strong cryptographic implementations remains a challenging task

  • For all case studies given in the remainder of this section, the power consumption traces of the target Field-Programmable Gate Array (FPGA) have been collected by monitoring the voltage drop over a 1 Ω resistor placed in the Vdd path amplified by an on-board AC amplifier

  • We developed and presented a generic framework to construct trivially composable hardware private circuits with a compact latency from arbitrary vectorial Boolean functions


Summary

Introduction

Even though Side-Channel Analysis (SCA) has been studied extensively by academic and industrial researchers, secure implementation of strong cryptographic implementations remains a challenging task. Of masking schemes is still a mostly manual, complex, and error-prone process, even for experienced security experts and hardware designers. Facing such challenges, researchers recently started to focus on the development of formal and accurate models of physical adversaries, hardware platforms, and execution environments as a mandatory foundation for formal verification and provably-secure schemes. Design of efficient gadgets under several optimization metrics, e.g., computational complexity, area demands, randomness requirements, performance in terms of latency and throughput, or higher-order protection, still requires manual interaction and long-standing experience. To this end, the list of existing secure gadgets is limited, as most of them are hand-crafted, mainly focusing on the protection of small gates, e.g., a 2-input AND [Tri, BDF+17, FGP+18, CGLS20].

Notation
Circuit Model
Adversary Model
Probe Simulatability
Security Notions
Boolean Masking
Shannon Decomposition
Design
Reducing the Latency
Comparisons
Target Device and Measurement Setup
Byte-Serial AES
Nibble-Serial PRESENT
Round-Based PRESENT
Discussions and Conclusions
A Appendix