[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

What a lovely hat

Is it made out of tin foil?

Paper 2022/418

LLTI: Low-Latency Threshold Implementations

Victor Arribas, Zhenda Zhang, and Svetla Nikova

Abstract

With the enormous increase in portable cryptographic devices, physical attacks are becoming similarly popular. One of the most common physical attacks is Side-Channel Analysis (SCA), extremely dangerous due to its non-invasive nature. Threshold Implementations (TI) was proposed as the first countermeasure to provide provable security in masked hardware implementations. While most works on hardware masking are focused on optimizing the area requirements, with the newer and smaller technologies area is taking a backseat, and low-latency is gaining importance. In this work, we revisit the scheme proposed by Arribas et al. in TCHES 2018 to secure unrolled implementations. We formalize and expand this methodology, to devise a masking scheme, derived from TI, designed to secure hardware implementations optimized for latency named Low-Latency Threshold Implementations (LLTI). By applying the distributive property and leveraging a divide-and-conquer strategy, we split a non-linear operation in layers which are masked separately. The result is a more efficient scheme than the former TI for any operation of algebraic degree greater than two, achieving great optimizations both in terms of speed and area. We compare the performance of first-order LLTI with first-order TI in securing a cubic gate and a degree-7 AND gate without using any registers in between. We achieve a 137% increase in maximum frequency and a 60% reduction in area for the cubic gate, and 3131 times reduction in area in the case of a degree-7 AND gate compared to TI. To further illustrate the power of our scheme we take a low-latency PRINCE implementation from the literature and, by simply changing the secure S-box with the LLTI version, we achieve a 46% max. frequency improvement and a 38% area reduction. Moreover, we apply LLTI to a secure a low-latency AES implementation and compare it with the TI version, achieving a 6.9 times max. freq. increase and a 47.2% area reduction.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. IEEE Transactions on Information Forensics and Security ( Volume: 16)
DOI
10.1109/TIFS.2021.3123527
Contact author(s)
vm arribas @ gmail com
History
2022-04-06: received
Short URL
https://ia.cr/2022/418
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/418,
      author = {Victor Arribas and Zhenda Zhang and Svetla Nikova},
      title = {{LLTI}: Low-Latency Threshold Implementations},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/418},
      year = {2022},
      doi = {10.1109/TIFS.2021.3123527},
      url = {https://eprint.iacr.org/2022/418}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.