International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Hardware Masking, Revisited

Thomas De Cnudde , KU Leuven, imec-COSIC, Belgium
Maik Ender , Horst Görtz Institute for IT Security, Ruhr-Universität Bochum, Germany
Amir Moradi , Horst Görtz Institute for IT Security, Ruhr-Universität Bochum
DOI: 10.13154/tches.v2018.i2.123-148
Search ePrint
Search Google
Abstract: MaskingHardware masking schemes have shown many advances in the past few years. Through a series of publications their implementation cost has dropped significantly and flaws have been fixed where present. Despite these advancements it seems that a limit has been reached when implementing masking schemes on FPGA platforms. Indeed, even with a correct transition from the masking scheme to the masking realization (i.e., when the implementation is not buggy) it has been shown that the implementation can still exhibit unexpected leakage, e.g., through variations in placement and routing. In this work, we show that the reason for such unexpected leakages is the violation of an underlying assumption made by all masking schemes, i.e., that the leakage of the circuit is a linear sum of leakages associated to each share. In addition to the theory of VLSI which supports our claim, we perform a wide range of experiments based on an FPGA) to find out under what circumstances this causes a masked hardware implementation to show undesirable leakage. We further illustrate case studies, where publicly-known secure designs exhibit first-order leakage when being operated at certain conditions.
Video from TCHES 2018
  title={Hardware Masking, Revisited},
  journal={Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2018, Issue 2},
  author={Thomas De Cnudde and Maik Ender and Amir Moradi},