International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Provable Secure Parallel Gadgets

Authors:
Francesco Berti , Bar-Ilan University, Ramat-Gan 529002, Israel
Sebastian Faust , Department of Computer Science, TU Darmstadt, Darmstadt, Germany
Maximilian Orlt , Department of Computer Science, TU Darmstadt, Darmstadt, Germany
Download:
DOI: 10.46586/tches.v2023.i4.420-459
URL: https://tches.iacr.org/index.php/TCHES/article/view/11172
Search ePrint
Search Google
Abstract: Side-channel attacks are a fundamental threat to the security of cryptographic implementations. One of the most prominent countermeasures against side-channel attacks is masking, where each intermediate value of the computation is secret shared, thereby concealing the computation’s sensitive information. An important security model to study the security of masking schemes is the random probing model, in which the adversary obtains each intermediate value of the computation with some probability p. To construct secure masking schemes, an important building block is the refreshing gadget, which updates the randomness of the secret shared intermediate values. Recently, Dziembowski, Faust, and Zebrowski (ASIACRYPT’19) analyzed the security of a simple refreshing gadget by using a new technique called the leakage diagram. In this work, we follow the approach of Dziembowski et al. and significantly improve its methodology. Concretely, we refine the notion of a leakage diagram via so-called dependency graphs, and show how to use this technique for arbitrary complex circuits via composition results and approximation techniques. To illustrate the power of our new techniques, as a case study, we designed provably secure parallel gadgets for the random probing model, and adapted the ISW multiplication such that all gadgets can be parallelized. Finally, we evaluate concrete security levels, and show how our new methodology can further improve the concrete security level of masking schemes. This results in a compiler provable secure up to a noise level of O(1) for affine circuits and O(1/√n) in general.
BibTeX
@article{tches-2023-33354,
  title={Provable Secure Parallel Gadgets},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2023, Issue 4},
  pages={420-459},
  url={https://tches.iacr.org/index.php/TCHES/article/view/11172},
  doi={10.46586/tches.v2023.i4.420-459},
  author={Francesco Berti and Sebastian Faust and Maximilian Orlt},
  year=2023
}