Combined Fault and Leakage Resilience: Composability, Constructions and Compiler

Sebastian Berndt; Thomas Eisenbarth; Sebastian Faust; Marc Gourjon; Maximilian Orlt; Okan Seker

Combined Fault and Leakage Resilience: Composability, Constructions and Compiler

Sebastian Berndt, Thomas Eisenbarth, Sebastian Faust, Marc Gourjon, Maximilian Orlt, Okan Seker

Abstract

Real-world cryptographic implementations nowadays are not only attacked via classical cryptanalysis but also via implementation attacks, including passive attacks (observing side-channel information about the inner computation) and active attacks (inserting faults into the computation). While countermeasures exist for each type of attack, countermeasures against combined attacks have only been considered recently. Masking is a standard technique for protecting against passive side-channel attacks, but protecting against active attacks with additive masking is challenging. Previous approaches include running multiple copies of a masked computation, requiring a large amount of randomness or being vulnerable to horizontal attacks. An alternative approach is polynomial masking, which is inherently fault-resistant.

Original language	Undefined/Unknown
Title of host publication	Advances in Cryptology -- CRYPTO 2023
Editors	Helena Handschuh, Anna Lysyanskaya
Number of pages	33
Place of Publication	Cham
Publisher	Springer Nature Switzerland
Publication date	09.08.2023
Pages	377-409
ISBN (Print)	978-3-031-38548-3
Publication status	Published - 09.08.2023

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

http://10.1007/978-3-031-38548-3_13

Cite this

@inproceedings{6cd8a048ef67460b9695ff88f30d0682,

title = "Combined Fault and Leakage Resilience: Composability, Constructions and Compiler",

abstract = "Real-world cryptographic implementations nowadays are not only attacked via classical cryptanalysis but also via implementation attacks, including passive attacks (observing side-channel information about the inner computation) and active attacks (inserting faults into the computation). While countermeasures exist for each type of attack, countermeasures against combined attacks have only been considered recently. Masking is a standard technique for protecting against passive side-channel attacks, but protecting against active attacks with additive masking is challenging. Previous approaches include running multiple copies of a masked computation, requiring a large amount of randomness or being vulnerable to horizontal attacks. An alternative approach is polynomial masking, which is inherently fault-resistant.",

author = "Sebastian Berndt and Thomas Eisenbarth and Sebastian Faust and Marc Gourjon and Maximilian Orlt and Okan Seker",

year = "2023",

month = aug,

day = "9",

language = "undefiniert/unbekannt",

isbn = "978-3-031-38548-3",

pages = "377--409",

editor = "Helena Handschuh and Anna Lysyanskaya",

booktitle = "Advances in Cryptology -- CRYPTO 2023",

publisher = "Springer Nature Switzerland",

}

Combined Fault and Leakage Resilience: Composability, Constructions and Compiler. / Berndt, Sebastian; Eisenbarth, Thomas; Faust, Sebastian et al.
Advances in Cryptology -- CRYPTO 2023. ed. / Helena Handschuh; Anna Lysyanskaya. Cham: Springer Nature Switzerland, 2023. p. 377-409.

Research output: Chapters in Books/Reports/Conference Proceedings › Conference contribution › peer-review

TY - GEN

T1 - Combined Fault and Leakage Resilience: Composability, Constructions and Compiler

AU - Berndt, Sebastian

AU - Eisenbarth, Thomas

AU - Faust, Sebastian

AU - Gourjon, Marc

AU - Orlt, Maximilian

AU - Seker, Okan

PY - 2023/8/9

Y1 - 2023/8/9

N2 - Real-world cryptographic implementations nowadays are not only attacked via classical cryptanalysis but also via implementation attacks, including passive attacks (observing side-channel information about the inner computation) and active attacks (inserting faults into the computation). While countermeasures exist for each type of attack, countermeasures against combined attacks have only been considered recently. Masking is a standard technique for protecting against passive side-channel attacks, but protecting against active attacks with additive masking is challenging. Previous approaches include running multiple copies of a masked computation, requiring a large amount of randomness or being vulnerable to horizontal attacks. An alternative approach is polynomial masking, which is inherently fault-resistant.

AB - Real-world cryptographic implementations nowadays are not only attacked via classical cryptanalysis but also via implementation attacks, including passive attacks (observing side-channel information about the inner computation) and active attacks (inserting faults into the computation). While countermeasures exist for each type of attack, countermeasures against combined attacks have only been considered recently. Masking is a standard technique for protecting against passive side-channel attacks, but protecting against active attacks with additive masking is challenging. Previous approaches include running multiple copies of a masked computation, requiring a large amount of randomness or being vulnerable to horizontal attacks. An alternative approach is polynomial masking, which is inherently fault-resistant.

M3 - Conference contribution

SN - 978-3-031-38548-3

SP - 377

EP - 409

BT - Advances in Cryptology -- CRYPTO 2023

A2 - Handschuh, Helena

A2 - Lysyanskaya, Anna

PB - Springer Nature Switzerland

CY - Cham

ER -