Leak Point Locating in Hardware Implementations of Higher-Order Masking Schemes

Abstract

Secure masking schemes have been proven in theory to be secure countermeasures against side-channel attacks. The security framework proposed by Ishai, Sahai, and Wagner, known as the Ishai–Sahai–Wagner scheme, is one of the most acceptable secure models of the existing $d$ th-order masking schemes, where $d$ represents the masking order and plays the role of a security parameter. However, a gap may exist between scheme and design. Several analyses have determined that the glitch has been regarded as the main challenge of masking in hardware designs. A practical method of locating the precise position of leakage points (LPs) in the original hardware design is very rare. Existing research on this glitch mainly focuses on the first-order leakages; however, higher-order analysis can combine several shares to recover the secret key. In this paper, we propose a practical method, sensitive glitch location (SGL) method to locate the less order leakage in hardware design. Specifically, the SGL method can locate any-order of LP in the hardware implementation of $d$ th-order masking schemes. We conducted experiments and verified that the time complexity of SGL on the $d$ th-order masking schemes is ${O(nm)}$ , where $m$ is the number of signals and $n$ is the number of shares in masking scheme. It can therefore be regarded as an efficient tool for the masking designs. In addition, we analyzed the $d$ th-order masking scheme proposed by Rivain and Prouff (2010) along with the SecMult algorithm from the Rivain–Prouff countermeasure, which has been analyzed by our SGL. The experimental results verified that a higher-order leakage may exist in certain hardware designs, even the masking scheme has been proven as a secure countermeasure. To the best of our knowledge, SGL is the first tool that can be used to locate any-order of power/electromagnetic LP in hardware designs. It thus shows the weakness in the original design file of hardware implementations. This property can help designers directly improve the real security of the designs. Moreover, SGL returns the path of the leakages, which can elucidate the original cause and propagation of the weakness.