CryptoDB
A Decomposition Approach for Evaluating Security of Masking
| Authors: | Vahid Jahandideh, Bart Mennink, Lejla Batina |
|---|---|
| Download: | |
| Conference: | ASIACRYPT 2025 |
| Abstract: | Masking is a commonly used countermeasure against side-channel attacks, encoding secrets into multiple shares such that each share leaks only partial information. A longstanding question is under what noise conditions masking guarantees security, and how this security scales with the number of shares. While sufficient conditions have been known for binary fields and in high-noise regimes, the borderline and low-noise cases have remained poorly understood. In this work, we close this gap through a decomposition-based analysis. Our approach reduces leakage in extended fields to binary projections, enabling tight bounds on the adversary's success rate and yielding an optimal reduction from the noisy leakage model to the random probing model, even in regimes where classical reductions fail. As a central theoretical result, we prove a conjecture of Dziembowski et al. (TCC 2016), showing that for any additive group $\mathbb{G}$ with largest proper subgroup $\mathbb{H}$, masking strictly improves security whenever the leakage is $\delta$-noisy with $\delta < 1 - \tfrac{|\mathbb{H}|}{|\mathbb{G}|}$. We additionally demonstrate the practical relevance of our framework for leakage certification and for determining the required masking order under realistic low-noise conditions. Our results unify and sharpen the understanding of noise requirements for masking, advancing both the theoretical foundations and the practical evaluation of side-channel countermeasures. |
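A worked instantiation of the threshold $\delta < 1 - |\mathbb{H}|/|\mathbb{G}|$ from the abstract, added here as an illustration; it is not part of the CryptoDB record or of the paper. It assumes the noise notion of Dziembowski et al., in which a leakage function $f$ on a uniform $X \in \mathbb{G}$ is $\delta$-noisy when the average statistical distance $\mathbb{E}_{y}\big[\Delta(X;\, X \mid f(X)=y)\big] \le \delta$; the paper's exact definition may differ in details.

Let $\mathbb{H} < \mathbb{G}$ be a proper subgroup and let the leakage $f(x) = x + \mathbb{H}$ return the coset of $x$. Conditioned on $f(X) = y$, $X$ is uniform on the coset $y$, which has $|\mathbb{H}|$ elements, so

$$
\Delta\big(X;\, X \mid f(X)=y\big)
= \tfrac{1}{2}\Big[\,|\mathbb{H}|\Big(\tfrac{1}{|\mathbb{H}|} - \tfrac{1}{|\mathbb{G}|}\Big) + \big(|\mathbb{G}| - |\mathbb{H}|\big)\tfrac{1}{|\mathbb{G}|}\Big]
= 1 - \tfrac{|\mathbb{H}|}{|\mathbb{G}|},
$$

independently of $y$. Coset leakage is therefore exactly $\big(1 - |\mathbb{H}|/|\mathbb{G}|\big)$-noisy. Additive masking does not help against it: for shares $X_1, \dots, X_n$ with $X = \sum_i X_i$,

$$
f(X) = X + \mathbb{H} = \sum_{i=1}^{n} \big(X_i + \mathbb{H}\big) = \sum_{i=1}^{n} f(X_i),
$$

because $\mathbb{G}/\mathbb{H}$ is itself a group ($\mathbb{G}$ is abelian, so every subgroup is normal). An adversary who observes every share's coset recovers the coset of the secret, whatever the number of shares. Choosing $\mathbb{H}$ as the largest proper subgroup minimises this $\delta$, which is why the condition $\delta < 1 - |\mathbb{H}|/|\mathbb{G}|$ is the natural borderline: at $\delta = 1 - |\mathbb{H}|/|\mathbb{G}|$ a masking-invariant leakage already exists. Two common cases:

$$
\mathbb{G} = \mathbb{Z}_p\ (p \text{ prime}):\ \mathbb{H} = \{0\},\ \ \delta < 1 - \tfrac{1}{p};
\qquad
\mathbb{G} = \mathbb{Z}_2^{n}\ (\text{additive group of } \mathrm{GF}(2^n)):\ [\mathbb{G} : \mathbb{H}] = 2,\ \ \delta < \tfrac{1}{2}.
$$

In the binary-field case the masking-invariant leakage is any linear Boolean function of the bits (for instance a single bit or a parity), since the parity of a sum of shares is the sum of the shares' parities; this is the $\delta < 1/2$ condition the abstract refers to as previously known for binary fields.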
BibTeX
@inproceedings{asiacrypt-2025-36098,
  title     = {A Decomposition Approach for Evaluating Security of Masking},
  publisher = {Springer-Verlag},
  author    = {Vahid Jahandideh and Bart Mennink and Lejla Batina},
  year      = {2025}
}