International Association for Cryptologic Research

Paper: Randomness Optimization for Gadget Compositions in Higher-Order Masking

Jakob Feldtkeller , Ruhr-University Bochum
David Knichel , Ruhr-University Bochum
Pascal Sasdrich , Ruhr-University Bochum
Amir Moradi , University of Cologne
Tim Güneysu , Ruhr-University Bochum
Presentation: Slides
Abstract: Physical characteristics of electronic devices that leak secret and sensitive information to an adversary with physical access pose a long-known threat to cryptographic hardware implementations. Among a variety of proposed countermeasures against such Side-Channel Analysis attacks, masking has emerged as a promising, but often costly, candidate. Furthermore, manual masking of implementations has proven error-prone and often introduces flaws, possibly resulting in insecure circuits. In the context of automatic masking, a new line of research has emerged, aiming to replace each physical gate with a secure gadget that fulfills well-defined properties, guaranteeing security when interconnected into a large circuit. Unfortunately, those gadgets introduce a significant amount of additional overhead, in terms of area, latency, and randomness requirements, into the design. In this work, we present a novel approach to reduce the final randomness consumption of such gadget-composed circuits by reusing randomness across gadgets while maintaining security in the t-probing adversary model. To this end, we embed the corresponding optimization passes into an Electronic Design Automation toolchain able to construct, optimize, and implement masked circuits, starting from an unprotected design. As such, our security-aware optimization offers an additional building block for existing or new Electronic Design Automation frameworks, where security is considered a first-class design constraint.
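The abstract refers to the t-probing model and to reusing randomness across gadgets "while maintaining security". The following Python is an added illustration, not the paper's toolchain, gadgets, or reuse technique: it implements the standard 2-share ISW AND gadget (assumed here as a representative gadget), composes two of them into the constructed circuit (x & y) ^ (x & z), and checks t-probing security by exhaustive enumeration of every wire's joint distribution over all secrets, masks and random bits. A single gadget is 1-probe secure, and the composition stays secure with two independent random bits; feeding the same random bit to both gadgets is not, because the bit cancels in the final XOR and leaves output share e1 dependent on the secrets. That is exactly the class of mistake a security-aware randomness-reuse optimization has to rule out. Wire names, the circuit, and the helper names are all assumptions of this example.

```python
"""Exhaustive t-probing check of 2-share ISW AND gadgets, with and without
randomness reuse.  Added illustration; not the paper's tool or technique."""
from itertools import combinations, product


def share2(secret_bit, mask):
    """Boolean 2-sharing (x ^ m, m); with m uniform, each share alone is uniform."""
    return (secret_bit ^ mask, mask)


def isw_and(x, y, r, prefix=""):
    """2-share ISW AND gadget using one fresh random bit r.
    Returns every intermediate wire by name: these are the probe targets."""
    w = {}
    w[prefix + "x0y0"] = x[0] & y[0]
    w[prefix + "x0y1"] = x[0] & y[1]
    w[prefix + "x1y0"] = x[1] & y[0]
    w[prefix + "x1y1"] = x[1] & y[1]
    w[prefix + "r"] = r
    w[prefix + "t1"] = r ^ w[prefix + "x0y1"]
    w[prefix + "t2"] = w[prefix + "t1"] ^ w[prefix + "x1y0"]
    w[prefix + "c0"] = w[prefix + "x0y0"] ^ r                 # output share 0
    w[prefix + "c1"] = w[prefix + "x1y1"] ^ w[prefix + "t2"]  # output share 1
    return w


def single_gadget(secrets, masks, rand):
    """One AND gadget: secrets (x, y), input masks (mx, my), random tape (r,)."""
    x, y = secrets
    return isw_and(share2(x, masks[0]), share2(y, masks[1]), rand[0])


def composed(secrets, masks, rand, reuse):
    """Constructed circuit (x & y) ^ (x & z): two AND gadgets sharing input x,
    followed by a share-wise XOR.  With reuse=True both gadgets consume the
    same random bit rand[0]; otherwise gadget 2 gets its own bit rand[1]."""
    x, y, z = secrets
    xs, ys, zs = (share2(v, m) for v, m in zip((x, y, z), masks))
    w = {}
    w.update(isw_and(xs, ys, rand[0], "g1."))
    w.update(isw_and(xs, zs, rand[0] if reuse else rand[1], "g2."))
    w["e0"] = w["g1.c0"] ^ w["g2.c0"]
    w["e1"] = w["g1.c1"] ^ w["g2.c1"]
    return w


def composed_fresh(secrets, masks, rand):
    return composed(secrets, masks, rand, reuse=False)


def composed_reused(secrets, masks, rand):
    return composed(secrets, masks, rand, reuse=True)


def probing_leak(circuit, n_secret, n_mask, n_rand, t):
    """Brute-force t-probing check.  Tabulates every wire over all secrets,
    masks and random bits, then looks for a set of <= t wires whose joint
    distribution differs between two secret assignments.  Returns that wire
    set (a leak) or None (t-probing secure)."""
    table = {}
    for s in product((0, 1), repeat=n_secret):
        table[s] = [circuit(s, m, r)
                    for m in product((0, 1), repeat=n_mask)
                    for r in product((0, 1), repeat=n_rand)]
    names = list(next(iter(table.values()))[0])
    for k in range(1, t + 1):
        for probes in combinations(names, k):
            dists = set()
            for rows in table.values():
                counts = {}
                for w in rows:
                    v = tuple(w[p] for p in probes)
                    counts[v] = counts.get(v, 0) + 1
                dists.add(tuple(sorted(counts.items())))
            if len(dists) > 1:  # some secret changes what the probes see
                return probes
    return None


if __name__ == "__main__":
    print("single ISW AND, t=1:", probing_leak(single_gadget, 2, 2, 1, 1))
    print("single ISW AND, t=2:", probing_leak(single_gadget, 2, 2, 1, 2))
    print("composed, fresh r1/r2, t=1:", probing_leak(composed_fresh, 3, 3, 2, 1))
    print("composed, reused r, t=1:", probing_leak(composed_reused, 3, 3, 2, 1))
```

The check is the plain definition of t-probing security (the adversary's view must be independent of the secrets), so it scales only to toy circuits; the point is that gadget-local security does not survive arbitrary randomness sharing, which is why a reuse optimization has to reason about the composed circuit rather than each gadget alone.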
BibTeX:
  title={Randomness Optimization for Gadget Compositions in Higher-Order Masking},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  volume={2022},
  number={4},
  author={Jakob Feldtkeller and David Knichel and Pascal Sasdrich and Amir Moradi and Tim Güneysu},