International Association for Cryptologic Research

CryptoDB

StaMAC: Fault Protection via Stable-MAC Tags

Authors:
Dilara Toprakhisar, COSIC, KU Leuven
Artemii Ovchinnikov, COSIC, KU Leuven
Siemen Dhooghe, COSIC, KU Leuven
Conference: ASIACRYPT 2025
Abstract: Fault attacks pose a significant threat to cryptographic implementations, motivating the development of countermeasures, primarily based on a combination of redundancy and masking techniques. Redundancy, in these countermeasures, is often implemented via duplication or linear codes. However, their inherent structure remains susceptible to strategic fault injections bypassing error checks. To address this, the CAPA countermeasure from CRYPTO 2018 leveraged information-theoretic MAC tags for protection against fault and combined attacks. However, a recent attack has shown that CAPA does not achieve protection against combined attacks and offers only limited fault protection, while also incurring significant hardware overhead. Its successor, M&M, improves efficiency but fails to protect against ineffective faults. In this paper, we introduce StaMAC, a framework for securely integrating MAC tags against both side-channel and fault attacks in a non-combined setting. Building on the security notions from StaTI (TCHES 2024), we propose the notion of MAC-stability, which ensures fault propagation in masked and MACed circuits while requiring only a single error check at the end of the computation. We further show that the stability notion from StaTI is arbitrarily composable (whereas it was previously thought to be only serially composable), making it the first arbitrarily composable fault security notion which does not require intermediate error checks or corrections. Then, we establish the improved protection of masking combined with MAC tags compared to linear encoding techniques by showing bounds on the advantage considering several fault adversaries: a gate/register faulting adversary, an arbitrary register faulting adversary, and a random register faulting adversary. Then, we show how to transform any probing secure circuit to protect against fault attacks using the proposed MAC-stable gadgets implementing field operations. Finally, we demonstrate StaMAC on an AES implementation, evaluating its security and hardware costs in comparison to MAC-based countermeasures.
BibTeX
@inproceedings{asiacrypt-2025-36060,
  title={StaMAC: Fault Protection via Stable-MAC Tags},
  publisher={Springer-Verlag},
  author={Dilara Toprakhisar and Artemii Ovchinnikov and Siemen Dhooghe},
  year=2025
}