CryptoDB
Vahid Jahandideh
Publications and invited talks
Year / Venue / Title
2025 / TCHES / Probing Secure Composability Without Fresh Randomness: Theory and Application to Ascon
Abstract
Side-channel attacks (SCAs) pose a significant threat to the implementations of lightweight ciphers, particularly in resource-constrained environments where masking—the primary countermeasure—is constrained by tight resource limitations. This makes it crucial to reduce the resource and randomness requirements of masking schemes. In this work, we investigate an approach to minimize the randomness complexity of masking algorithms. Specifically, we explore the theoretical foundations of higher-order masking schemes that eliminate the need for online (fresh) randomness by relying solely on offline randomness present in the initial input shares. We demonstrate that round-based ciphers with linear diffusion layers can support such deterministic composition, where the diffusion layer acts as a refresh subcircuit. This ensures that, up to a threshold number, probes placed across rounds remain independent. Based on this observation, we propose composition theorems for probing-secure masking. On the practical side, we instantiate our framework using known deterministic first- and second-order masked S-boxes and provide software implementations of Ascon's protected permutation.
2025 / ASIACRYPT / A Decomposition Approach for Evaluating Security of Masking
Abstract
Masking is a commonly used countermeasure against side-channel attacks, encoding secrets into multiple shares such that each share leaks only partial information. A longstanding question is under what noise conditions masking guarantees security, and how this security scales with the number of shares. While sufficient conditions have been known for binary fields and in high-noise regimes, the borderline and low-noise cases have remained poorly understood.
In this work, we close this gap through a decomposition-based analysis. Our approach reduces leakage in extended fields to binary projections, enabling tight bounds on the adversary's success rate and yielding an optimal reduction from the noisy leakage model to the random probing model—even in regimes where classical reductions fail. As a central theoretical result, we prove a conjecture of Dziembowski et al. (TCC 2016), showing that for any additive group $\mathbb{G}$ with largest proper subgroup $\mathbb{H}$, masking strictly improves security whenever the leakage is $\delta$-noisy with $\delta < 1 - \tfrac{|\mathbb{H}|}{|\mathbb{G}|}$.
We additionally demonstrate the practical relevance of our framework for leakage certification and for determining the required masking order under realistic low-noise conditions. Our results unify and sharpen the understanding of noise requirements for masking, advancing both the theoretical foundations and the practical evaluation of side-channel countermeasures.
2024 / TCHES / An Algebraic Approach for Evaluating Random Probing Security With Application to AES
Abstract
We employ an algebraic approach to estimate the success rate of a side-channel adversary attacking secrets of a masked circuit within the Random Probing Model (RPM), where intermediate variables of the implementation leak with a probability p. Our method efficiently handles masked linear circuits, enabling security bound estimation for practically large masking orders. For non-linear circuits, we employ a linearization technique. To reason about the security of complex structures like an S-box, we introduce a composition theorem, reducing the RPM security of a circuit to that of its constituent gadgets. Moreover, we lower the complexity of the multiplication gadget of CHES 2016 from $O(n^2 \log n)$ to $O(n^2)$ while demonstrating its conjectured RPM security. Collectively, these novel methods enable the development of a practical masking scheme with $O(n^2)$ complexity for AES, maintaining security for a considerably high leakage rate $p \le 0.02 \approx 2^{-5.6}$.
Coauthors
- Lejla Batina (3)
- Vahid Jahandideh (3)
- Bart Mennink (3)