How to mask S-Boxes of a block cipher against side channel attacks (PowerPoint PPT presentation)


Outline: Introduction · Masking based on Look-up tables · How to mask (additively) basic operations? · Method based on multiplicative masking · Method based on Square and Multiply and addition chains · Method based on the tower field representation


SLIDE 1

How to mask S-Boxes of a block cipher against side channel attacks. Focus on the AES.

Michaël Quisquater

University of Versailles (UVSQ), France

July 4th, 2013

Michaël Quisquater, How to mask S-Boxes of a block cipher against side channel attacks

SLIDE 2

1. Introduction: Block Cipher; Logical Attacks; Side Channel Attacks; SPA; DPA; Masking

2. Masking based on Look-up tables

3. How to mask (additively) basic operations? Masking linear transformation; Masking translation; Masking multiplication

4. Method based on multiplicative masking: Multiplicative masking

SLIDE 3

4. (cont.) Akkar and Giraud; Zero-attack; Trichina, De Seta and Germani; Attacks by Akkar, Bévan and Goubin; Genelle, Prouff and Q.; Extension at order d: Genelle, Prouff and Q.

5. Method based on ”Square and Multiply” and addition chains: ”Square & Multiply”: BMK and addition chains

6. Method based on the tower field representation: Finite Fields; Oswald, Mangard, Pramstaller and Rijmen; Kim, Hong and Lim

7. Conclusion

SLIDE 4

Block Cipher

Key scheduling Rounds

SLIDE 5

Block cipher: SP network

• Addition of the key
• S-Boxes
• LT: Linear transformation

SLIDE 6

Logical Attacks

Available data: plaintexts and/or ciphertexts. Goal: estimation of the key used to generate the data. Examples:
• Exhaustive search
• Linear and differential cryptanalysis
• Slide attack
• Algebraic attack
• ...
Counter-measure: use components with good cryptographic properties in the design of the algorithm.

SLIDE 7

Side Channel Attacks

Available data: plaintexts and/or ciphertexts + physical measurements corresponding to the execution of the algorithm on those data. Goal: estimation of the key used to generate the data. Examples:
• Timing attacks
• Acoustic attacks
• Electromagnetic attacks
• (Differential) Power attacks
• ...

SLIDE 8

Power attacks

Computation = modification of the state of a logical gate. Logical gate = transistor circuit. The consumption of a transistor depends on its state (or on the transition between states). Conclusion: the consumption of the execution of an algorithm depends on the values of the data, on the instructions (logical gates) and on noise.

SLIDE 9

SPA (Simple Power Analysis)

Example: execution of RSA. The instructions that are executed depend on the value of the key (exponent):
• 1 ⇒ ”square and multiply”
• 0 ⇒ ”square”
Correlation between the shape of the electrical consumption signal and the values of the key bits of the exponent. Example above: (0, 1, 0, 1, 1, 0).

SLIDE 10

DPA (Differential power analysis)

Let us apply the SPA to the DES: clear distinction of the computation of IP, the 16 rounds and IP^(−1). The dependency between the signal and the key used seems less obvious compared to the case of RSA ⇒ other method = Differential Power Analysis.

SLIDE 11

Principle of the DPA

The evaluation of a block cipher A_K(x) (encryption or decryption) may be considered as a sequence of intermediate results: I1(x, k), I2(x, k), . . . , It(x, k). The DPA focuses on the power consumption related to some of these intermediate (target) values.

SLIDE 12

Principle of the DPA (cont.)

Idea of the DPA (order 1): For each guess K̂ on a part K of the key, build two subsets S0(K̂) and S1(K̂) from the available data (plaintext, ciphertext or parts of them) such that:

1. If K̂ = K, the average of the power consumption related to the target value taken on the data S0(K̂) is greater than the one taken on the data S1(K̂) ⇒ Right Guess

2. If K̂ ≠ K, the averages are indistinguishable ⇒ Wrong Guess

SLIDE 13

Counter-measure against DPA: Masking (cont.)

Counter-measures: to thwart the ability to build the sets (S1(K̂), S2(K̂)) with the required properties. ⇒ Masking = introduce randomness in the targets. Examples based on the one time pad:
• Additive masking: replace I(x, s) by I(x, s) ⊕ r (r is random) if I(x, s) belongs to an additive group.
• Multiplicative masking: replace I(x, s) by I(x, s) ⊗ r (r is random) if I(x, s) belongs to a multiplicative group.

SLIDE 14

Counter-measure against DPA: Masking (cont.)

Full execution of a masked algorithm = 3 steps (additive masking of order 1)

1. Masking of the plaintext

2. Iterative application of the principle below (propagation of the masking through f)

3. Reconstruction of the ciphertext from the ”masked ciphertext” and the masking

Remark: same principle for multiplicative masking

SLIDE 15

DPA of order 2

Extension?: Potentially, it is possible to mount an attack on an algorithm masked at order 1. We just need to consider the consumptions related to I(x, s) + r and r simultaneously. This attack is of order 2 because we consider 2 targets. Counter-measure: To thwart a DPA of order 2, we need to generalize the notion of masking by associating to each target I(x, s) the tuple (I(x, s) + r + t, r, t) (r, t random) and to propagate this masking through the different functions. This masking is of order 2.

SLIDE 16

DPA of higher order d

Generalization: DPA of order d ⇒ additive masking of order d

Definition: Additive masking of order d. Let x ∈ GF(2^n) be a sensitive value. An additive masking of order d consists in ”splitting” x into the vector (x0, x1, · · · , xd) such that x0 ⊕ x1 ⊕ · · · ⊕ xd = x.

An additive masking of order d of x is called a (d + 1)-sharing of x.

SLIDE 17

Masking based on Look-up tables

The most obvious way to mask a function at order 1 is to use a look-up table. Idea: Let g : GF(2^n) → GF(2^n) be a function to mask. We may build a table T which associates to each x ⊕ Rin the value g(x) ⊕ Rout. In this case, (T(O(P, K) ⊕ Rin), Rout) is an additive masking of g(O(P, K)). Advantage: Fast. Drawback: Requires a lot of memory to store the table.

SLIDE 18

How to mask (additively) basic operations?

In what follows, the elements belong to a finite field of characteristic 2, i.e. GF(2^n). From interpolation theory, any function on a finite field may be represented by a polynomial. The evaluation of a polynomial requires the ability to perform:
• Affine transformations (composition of a linear transformation and a translation)
• Additions
• Multiplications/Squares

SLIDE 19

How to mask (additively) a linear transformation

Input: The (d + 1)-sharing (a0, · · · , ad) of the value a and a linear map x → L(x). Output: A (d + 1)-sharing (l0, · · · , ld) of the value L(a).

1. return (l0, · · · , ld) = (L(a0), · · · , L(ad)). ⇒ Easy!

Examples: x → L(x) = α · x; x → L(x) = x^2.

SLIDE 20

How to mask (additively) a translation

Input: The (d + 1)-sharing (a0, · · · , ad) of the value a and a translation x → x + β. Output: A (d + 1)-sharing (t0, · · · , td) of the value a + β.

1. return (t0, · · · , td) = (a0, · · · , ad + β). ⇒ Easy!

SLIDE 21

How to mask (additively) a multiplication?

Input: The (d + 1)-sharings (a0, · · · , ad) and (b0, · · · , bd) of the values a and b, respectively. Output: A (d + 1)-sharing (p0, · · · , pd) of the product a · b. Two solutions were proposed:
• In 2003, Ishai, Sahai and Wagner proposed a method to mask a boolean circuit at order d.
• In 2010, Rivain and Prouff generalized the method to finite fields of characteristic two and improved the evaluation of the security of the scheme.

SLIDE 22

How to mask (additively) a multiplication? (cont.)

1. Compute the (d + 1) × (d + 1) matrix M = (a0, · · · , ad)^T ⊗ (b0, · · · , bd), where ⊗ is the Kronecker product (so M_ij = a_i · b_j).

2. Split M into an upper triangular matrix M1 and a strictly lower triangular matrix M2 such that M = M1 ⊕ M2.

3. Generate a strictly upper triangular random matrix R1 = (r_ij) (i.e. r_ij = 0 for j ≤ i) and compute R = R1 ⊕ R1^T.

4. Compute U = M1 ⊕ R ⊕ M2^T.

5. Return (p0, · · · , pd) = 1 × U, where 1 is the row vector whose d + 1 coordinates are all equal to 1. ⇒ Costly!
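The three masked operations of slides 19 to 22 carried out on (d + 1)-sharings in code. This is an added example, not code from the talk: it fixes the field to GF(2^8) with the AES polynomial 0x11B (the slides work in a generic GF(2^n)), uses x → x^2 as the linear map, and writes the secure multiplication in the matrix form of the five steps above (M, M1, M2, R1, R, U). The function names are the example's own. Python only models the algebra; it says nothing about the leakage of a real implementation.

```python
"""Order-d additive masking of GF(2^8) operations (slides 19-22).

Added example, not code from the slides. It models the algebra of the
share-wise linear map, the translation and the ISW / Rivain-Prouff secure
multiplication in the matrix form of slide 22. Python is not a leakage-
resistant target: the point is to check that the shares recombine correctly.
"""
import secrets

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the AES field polynomial (assumed here)


def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of GF(2^8) in the AES representation."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return r


def share(x: int, d: int, rand=secrets.randbelow) -> list[int]:
    """(d+1)-sharing of x (slide 16): x0 ⊕ x1 ⊕ ... ⊕ xd = x, x1..xd random."""
    masks = [rand(256) for _ in range(d)]
    x0 = x
    for m in masks:
        x0 ^= m
    return [x0] + masks


def unshare(shares) -> int:
    """Reconstruct the sensitive value by XORing all shares (step 3 of slide 14)."""
    x = 0
    for s in shares:
        x ^= s
    return x


def masked_linear(shares: list[int], L) -> list[int]:
    """Slide 19: a GF(2)-linear map L is applied to every share independently."""
    return [L(s) for s in shares]


def masked_translation(shares: list[int], beta: int) -> list[int]:
    """Slide 20: the constant beta is added to the last share only."""
    out = list(shares)
    out[-1] ^= beta
    return out


def masked_mult(a: list[int], b: list[int], rand=secrets.randbelow) -> list[int]:
    """Slide 22: (d+1)-sharing of a·b from the sharings a and b."""
    n = len(a)
    # 1. M = a^T ⊗ b, i.e. M[i][j] = a_i · b_j
    M = [[gf_mul(a[i], b[j]) for j in range(n)] for i in range(n)]
    # 2. M = M1 ⊕ M2 with M1 upper triangular (j >= i), M2 strictly lower (j < i)
    M1 = [[M[i][j] if j >= i else 0 for j in range(n)] for i in range(n)]
    M2 = [[M[i][j] if j < i else 0 for j in range(n)] for i in range(n)]
    # 3. R1 strictly upper triangular and random, R = R1 ⊕ R1^T
    R1 = [[rand(256) if j > i else 0 for j in range(n)] for i in range(n)]
    R = [[R1[i][j] ^ R1[j][i] for j in range(n)] for i in range(n)]
    # 4. U = M1 ⊕ R ⊕ M2^T, evaluated left to right so that a_i·b_j is
    #    refreshed by r_ij before a_j·b_i is added (the ISW order)
    U = [[(M1[i][j] ^ R[i][j]) ^ M2[j][i] for j in range(n)] for i in range(n)]
    # 5. (p0, ..., pd) = 1 × U: each output share is the XOR of one column of U
    return [unshare(U[i][j] for i in range(n)) for j in range(n)]


def square(x: int) -> int:
    """x → x^2 is GF(2)-linear in characteristic 2 (slide 19 example)."""
    return gf_mul(x, x)


def check_masked_ops(d: int, trials: int = 64) -> bool:
    """Recombine each masked result and compare with the unmasked computation."""
    for _ in range(trials):
        a, b, beta = secrets.randbelow(256), secrets.randbelow(256), secrets.randbelow(256)
        sa, sb = share(a, d), share(b, d)
        if unshare(masked_linear(sa, square)) != square(a):
            return False
        if unshare(masked_translation(sa, beta)) != a ^ beta:
            return False
        if unshare(masked_mult(sa, sb)) != gf_mul(a, b):
            return False
    return True


if __name__ == "__main__":
    for d in (1, 2, 3):
        print(f"order {d}: {'ok' if check_masked_ops(d) else 'FAIL'}")
```

Recombining the shares with unshare after each operation is the functional check a practitioner runs on a masked implementation. R is symmetric with a zero diagonal, so every r_ij appears twice in the final sum and cancels, which is why the output shares recombine to a · b while each intermediate a_i · b_j is refreshed by a random value.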

SLIDE 23

How to be effective?

In what follows, we will focus on the masking of several particular maps:
• Power functions
• The ”Inverse” function of the AES, denoted Inv(x) = x^(2^n − 2) with x ∈ GF(2^n)

SLIDE 24

Multiplicative masking

Definition: multiplicative masking of order d. Let x ∈ GF(2^n)* be a sensitive value. A multiplicative masking of order d consists in splitting x into a vector (x0, x1, · · · , xd) such that x0 ⊗ x1^(−1) ⊗ · · · ⊗ xd^(−1) = x.

SLIDE 25

Property of the multiplicative masking

(Multiplication): Let x, y ∈ GF(2^n)* be sensitive values and (x0, x1, · · · , xd) (resp. (y0, y1, · · · , yd)) a multiplicative masking of x (resp. y); then a multiplicative masking of x · y is (x0 · y0, x1 · y1, · · · , xd · yd). Observation: The multiplicative masking is very compatible with the multiplication (and with power functions). Problems:

1. We need x ∈ GF(2^n)*,

2. The propagation of the multiplicative mask through linear maps is complicated.

SLIDE 26

Strategy

Masking affine maps and additions is easy to perform, while masking the multiplication (or power function) is the difficult part. A natural idea:
• Use additively masked values for the masking of affine maps and additions
• Use multiplicatively masked values for the masking of multiplications or power functions
• Convert additively masked values to multiplicatively masked ones when required, and conversely.

SLIDE 27

A first solution... by Akkar and Giraud

At CHES 2001, Akkar and Giraud proposed the following scheme to mask the ”inverse” function of the AES at order 1: Input: A 2-sharing (X + α, α) of the value X. Output: A 2-sharing (Inv(X) + α, α) of the value Inv(X).

SLIDE 28

A first solution... by Akkar and Giraud

Let (X + α, α) be a 2-sharing of X and Y a random non-zero element. AMtoMM conversion:

1. Multiply by Y: (X + α) · Y

2. Add (X + α) · Y to α · Y and get X · Y

Multiplicative masking of the ”inverse” function of the AES:

1. Compute Inv(X · Y)

SLIDE 29

A first solution... by Akkar and Giraud

MMtoAM conversion:

1. Compute α · Inv(Y), add it to Inv(X · Y) and get: (Inv(X) + α) · Inv(Y)

2. Multiply (Inv(X) + α) · Inv(Y) by Y in order to get the 2-sharing (Inv(X) + α, α) of Inv(X)

SLIDE 30

The zero attack... by Golić and Tymen

At CHES 2002, Golić and Tymen pointed out a security flaw in the scheme by Akkar and Giraud. They observe that X = 0 is not masked, because in this case X · Y = 0 for any value Y. This masking is therefore vulnerable to first order DPA. They proposed a solution in order to minimize the impact of attacks in this case. The idea is to embed the finite field in a ring such that the zero value (of the field) is mapped to a non-zero element of the ring. If there are enough such non-zero elements, the masking scheme will be ”almost perfect”.

SLIDE 31

A second solution... by Trichina, De Seta and Germani

At CHES 2002, Trichina, De Seta and Germani proposed to simplify the Akkar and Giraud scheme by reusing the value α for Y. Let (X + α, α) be a 2-sharing of X. AMtoMM conversion:

1. Multiply by α and get: (X + α) · α

2. Add (X + α) · α to α^2 and get X · α

Multiplicative masking of the ”inverse” function of the AES:

1. Compute Inv(X · α)

SLIDE 32

A second solution... by Trichina, De Seta and Germani (cont.)

MMtoAM conversion:

1. Add Inv(X · α) to 1 and get: Inv(X) · Inv(α) + 1

2. Multiply Inv(X) · Inv(α) + 1 by α and get the 2-sharing (Inv(X) + α, α) of Inv(X)

SLIDE 33

Attacks by Akkar, Bévan and Goubin

In their own paper, Trichina, De Seta and Germani observed that the value α^2 + Xα is not fully random but random enough in practice. At FSE 2004, Akkar, Bévan and Goubin studied the map α → α^2 + Xα (which reduces to the study of the Hilbert 90 equation) and suggested that it is possible to take advantage of the non-randomness of α^2 + Xα.

SLIDE 34

A third solution... by Genelle, Prouff and Q.

In order to avoid the insecure masking of the zero value, Genelle, Prouff and Q. proposed to map zero values to non-zero values. Consider the additive masking (X + α′, α′).
• Mapping: Get (σ(X) + α, α) from (X + α′, α′), where σ is a map such that σ(X) = X for X ∈ GF(2^n)* and σ(0) = 1
• Conversion AMtoMM: (σ(X) + α, α) ⇒ (β · σ(X), β)
• Power: (β^c · σ(X)^c, β^c)
• Conversion MMtoAM: (β^c · σ(X)^c, β^c) ⇒ (σ(X)^c + γ, γ)
• MappingInv: Get (X^c + θ, θ) from the masking (σ(X)^c + γ, γ) and (X + α′, α′)

SLIDE 35

Mapping and MappingInv

Observations:

1. σ(X) = X + δ0(X), where δ0 is the Dirac function defined by δ0(X) = 1 if X = 0 and δ0(X) = 0 otherwise.

2. (X + δ0(X))^c = X^c + δ0(X)

SLIDE 36

Mapping and MappingInv

Mapping: Mask the function δ0 using a look-up table, i.e. T[X + α′] = δ0(X) + α′′. Therefore, (T[X + α′], α′′) is an additive masking of δ0(X). Add this masking to (X + α′, α′) and obtain an additive masking of σ(X), according to observation (1).
MappingInv: Observation (2) implies that (σ(X)^c + γ, γ) + (T[X + α′], α′′) is an additive masking of X^c.

SLIDE 37

Conversion AMtoMM and MMtoAM

Conversion AMtoMM: Consider an additive masking of a non-zero element X, i.e. (X + α, α).

1. Multiply the masked value by a non-zero element β: (β · (X + α), β · α, β)

2. Add β · α to β · (X + α) and get: (β · X, β)

Conversion MMtoAM: Consider a multiplicative masking of a non-zero element X, i.e. (β · X, β).

1. Add an additive mask to β · X: (β · X + γ, β)

2. Multiply by β^(−1): (X + γ · β^(−1), β)

3. Compute γ · β^(−1) and mask it additively: γ · β^(−1) + α

4. Add the two previous values and get: (X + α, α)
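The complete first-order masked power function of slides 34 to 37, including the look-up table masking of slide 17 (used here for the Dirac function, as slide 36 does), together with a check of the zero problem of slide 30 on the unmodified AMtoMM conversion. This is an added example, not the authors' code. Assumptions: GF(2^8) with the AES polynomial 0x11B, c = 254 so that the power function is the AES inverse, fresh random masks for α′, α′′, β and γ, and a fresh output mask for MMtoAM (called α on slide 37); the function names are the example's own. Python only models the algebra, not the leakage of a real implementation.

```python
"""First-order masked AES "inverse" with the Genelle-Prouff-Quisquater mapping
(slides 34-37), using the slide-17 table recomputation to mask the Dirac
function. Added example, not the authors' code. Assumptions: AES field
polynomial 0x11B, exponent c = 254 (Inv(X) = X^254, Inv(0) = 0), fresh
uniformly random masks α', α'', β, γ and a fresh MMtoAM output mask.
"""
import secrets

AES_POLY = 0x11B  # assumed field polynomial (the slides use a generic GF(2^n))


def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of GF(2^8) in the AES representation."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return r


def gf_pow(x: int, c: int) -> int:
    """x^c by square-and-multiply; c = 254 is the AES inverse, with 0 → 0."""
    r, base = 1, x
    while c:
        if c & 1:
            r = gf_mul(r, base)
        base = gf_mul(base, base)
        c >>= 1
    return r


def dirac(x: int) -> int:
    """δ0(X) = 1 if X = 0, else 0 (slide 35, observation 1)."""
    return 1 if x == 0 else 0


def masked_table(g, r_in: int, r_out: int) -> list[int]:
    """Slide 17: T[x ⊕ r_in] = g(x) ⊕ r_out, so (T[x ⊕ r_in], r_out) shares g(x)."""
    T = [0] * 256
    for x in range(256):
        T[x ^ r_in] = g(x) ^ r_out
    return T


def masked_power(x_masked: int, a1: int, c: int = 254, rand=secrets.randbelow):
    """Input (X + α', α'), output (X^c + θ, θ); X itself is never recombined."""
    a2 = rand(256)          # α''
    beta = 1 + rand(255)    # β ∈ GF(2^8)*, the multiplicative mask
    gamma = rand(256)       # γ
    alpha_out = rand(256)   # output mask of MMtoAM, called α on slide 37
    # Mapping (slide 36): (T[X + α'], α'') shares δ0(X); add it to (X + α', α')
    T = masked_table(dirac, a1, a2)
    d_masked = T[x_masked]                 # δ0(X) + α''
    s_masked = x_masked ^ d_masked         # σ(X) + α  with α = α' ⊕ α''
    alpha = a1 ^ a2
    # AMtoMM (slide 37): β·(σ(X) + α) ⊕ β·α = β·σ(X)
    m = gf_mul(s_masked, beta) ^ gf_mul(alpha, beta)
    # Power on the multiplicative sharing (slide 34): (β^c · σ(X)^c, β^c)
    m_c, beta_c = gf_pow(m, c), gf_pow(beta, c)
    # MMtoAM (slide 37), with β^c as the multiplicative mask to remove
    u = m_c ^ gamma                                     # β^c σ(X)^c + γ
    beta_c_inv = gf_pow(beta_c, 254)                    # (β^c)^-1
    v = gf_mul(u, beta_c_inv)                           # σ(X)^c + γ·(β^c)^-1
    w = gf_mul(gamma, beta_c_inv) ^ alpha_out           # γ·(β^c)^-1 + α
    sc_masked = v ^ w                                   # σ(X)^c + α
    # MappingInv (slide 36): (σ(X)^c + α, α) + (δ0(X) + α'', α'') = (X^c + θ, θ)
    return sc_masked ^ d_masked, alpha_out ^ a2


def check_masked_power(c: int = 254) -> bool:
    """Recombine the output for every X, including X = 0, and compare with X^c."""
    for x in range(256):
        a1 = secrets.randbelow(256)
        y_masked, theta = masked_power(x ^ a1, a1, c)
        if y_masked ^ theta != gf_pow(x, c):
            return False
    return True


def plain_amtomm_values(x: int, trials: int = 16) -> set[int]:
    """Slide 30 check: the Akkar-Giraud product X·Y over random non-zero Y.
    For X = 0 the set is {0}: the 'masked' value does not depend on Y."""
    alpha = secrets.randbelow(256)
    vals = set()
    for _ in range(trials):
        y = 1 + secrets.randbelow(255)
        vals.add(gf_mul(x ^ alpha, y) ^ gf_mul(alpha, y))
    return vals


if __name__ == "__main__":
    print("masked power correct for all X:", check_masked_power())
    print("Akkar-Giraud X·Y for X = 0:", plain_amtomm_values(0))
```

check_masked_power recombines the output for every X and compares it with X^c; X = 0 is exactly the input on which the Akkar-Giraud and Trichina schemes fail, and plain_amtomm_values(0) shows why: the product X · Y is 0 whatever Y is, so the intermediate carries no randomness, whereas σ(0) = 1 keeps the multiplicatively masked value uniform over GF(2^8)*.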

SLIDE 38

A third solution... by Genelle, Prouff and Q.

The previous solution perfectly masks the power function at order 1. This solution may be extended to order d.

SLIDE 39

A third solution: extension to order d... by Genelle, Prouff and Q.

We need to modify the scheme as follows: The Dirac function is no longer masked using a look-up table but using its polynomial form: δ0(x) = ¬x1 · ¬x2 · · · · · ¬xn, with x = (x1, · · · , xn) ∈ GF(2)^n, ¬xi the logical complement of xi, and · the product in GF(2) (logical AND).

SLIDE 40

A third solution: extension to order d... by Genelle, Prouff and Q.

The AMtoMM and MMtoAM conversions previously described are generalized in a very natural way (not detailed). Remarks: it is possible to mask 8 Dirac functions in parallel on an 8-bit processor using the bit-slicing method, which greatly increases the efficiency. This method fits our needs because usually several S-Boxes have to be masked at each round.
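As an added example (not code from the slides), the Dirac function in the polynomial form of slide 39, evaluated bit-sliced on 8 bytes at once with 8-bit words as slide 40 suggests, and then on Boolean shares at order d. The slides leave open how the AND of two shared bits is masked; the share-wise AND used here is the ISW secure multiplication, which is my choice, and the random shares come from Python's `secrets` module. The sample bytes are constructed for the test.

```python
import secrets


def transpose_bitslice(xs):
    """Bit-slice 8 bytes: slice i is a byte whose bit j is bit i of xs[j].

    After this step one 8-bit word per bit position holds the same bit of
    all 8 inputs, so one bitwise operation works on 8 S-Box inputs at once.
    """
    assert len(xs) == 8
    slices = []
    for i in range(8):
        s = 0
        for j, x in enumerate(xs):
            s |= ((x >> i) & 1) << j
        slices.append(s)
    return slices


def dirac_bitsliced(xs):
    """delta_0(x) = ~x_1 & ... & ~x_8, 8 evaluations in parallel.

    Bit j of the result is 1 exactly when xs[j] == 0.
    """
    acc = 0xFF
    for s in transpose_bitslice(xs):
        acc &= (~s) & 0xFF
    return acc


def unshare(shares):
    """XOR of all Boolean shares gives back the masked value."""
    r = 0
    for s in shares:
        r ^= s
    return r


def share(v, d):
    """Split a byte into d+1 Boolean shares (d of them uniformly random)."""
    shares = [secrets.randbelow(256) for _ in range(d)]
    shares.append(v ^ unshare(shares))
    return shares


def isw_and(a, b):
    """ISW secure AND of two share vectors, bitwise on bytes (my choice of
    masked multiplication; the slides do not name one).

    Each cross term a_i & b_j is refreshed with a random byte so that any d
    intermediate values stay independent of the unmasked bits.
    """
    n = len(a)
    c = [a[i] & b[i] for i in range(n)]
    for i in range(n):
        for j in range(i + 1, n):
            r = secrets.randbelow(256)
            c[i] ^= r
            c[j] ^= (r ^ (a[i] & b[j])) ^ (a[j] & b[i])
    return c


def dirac_masked(xs, d):
    """Order-d masked evaluation of the 8 parallel Dirac functions.

    Returns d+1 shares whose XOR equals dirac_bitsliced(xs).
    """
    shared = []
    for s in transpose_bitslice(xs):
        sh = share(s, d)
        sh[0] ^= 0xFF          # complement: XOR with a constant touches one share only
        shared.append(sh)
    acc = shared[0]
    for sh in shared[1:]:      # 7 masked ANDs build the product of the 8 complements
        acc = isw_and(acc, sh)
    return acc
```

Only the seven ANDs need fresh randomness and share interaction; the transposition and the complements are free with respect to masking, which is why the bit-sliced layout pays off when several S-Boxes are masked per round.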

SLIDE 41

Conclusion on the methods based on AMtoMM and MMtoAM to mask power functions

1. Akkar/Giraud: attack found by Golić and Tymen (zero-attack)
2. Trichina/De Seta/Germani: attack found by Akkar, Bévan and Goubin
3. Golić and Tymen: solution trying to weaken the effect of the zero-attack (but not perfect)
4. Genelle, Prouff and Q.: perfect masking, efficient and available at any order.

SLIDE 42

”Square & Multiply”: Blömer, Merchan and Krummel (2004)

Goal: how to mask the power function $X^c$. Main idea: apply the ”Square & Multiply” algorithm, which is simply a composition of squarings (linear operations) and multiplications. Those operations may be masked as presented previously. At CHES 2010, Prouff and Rivain proposed to use ”addition chains” in order to evaluate the power ⇒ 4 multiplications (proven to be an optimal chain at FSE 2012 by Carlet, Goubin, Prouff, Q., Rivain).

SLIDE 43

Reminder on finite fields

Hilbert 90. Consider a finite field GF(2^n). $P_\alpha(X) = X^2 + X + \alpha$ is irreducible in GF(2^n)[X] if and only if $\mathrm{Tr}_{GF(2^n):GF(2)}(\alpha) = 0$. Therefore GF(2^8) may be expressed as a quadratic extension of GF(2^4):

$GF(2^8) \cong GF(2^4)[X]/(P_\alpha(X))$ where $\alpha \in GF(2^4)$ and $\mathrm{Tr}_{GF(2^4):GF(2)}(\alpha) = 0$.

SLIDE 44

Reminder on finite fields (cont.)

Let A be an element of GF(2^8). According to the above isomorphism, A may be represented as a polynomial $a_h \cdot \gamma + a_l$ with $a_h, a_l \in GF(2^4)$, where $\gamma$ is a root of the polynomial $P_\alpha(X) = X^2 + X + \alpha$. More precisely, if we identify A, $a_l$ and $a_h$ with their coordinate vectors, the components of the vectors associated to $a_l$ and $a_h$ are linear functions of the components of the vector associated to A.

SLIDE 45

A first solution... by Oswald, Mangard, Pramstaller and Rijmen

At FSE 2005, Oswald, Mangard, Pramstaller and Rijmen used this representation and the above formula to mask the S-Box of the AES. Their solution is based on the following decomposition:

$\mathrm{Inv}(a_h \cdot \gamma + a_l) = a_h' \cdot \gamma + a_l'$

where

$a_h' = a_h \cdot d'$

$a_l' = (a_h + a_l) \cdot d'$

$d = (a_h^2 \cdot \alpha) + (a_h \cdot a_l) + a_l^2$

$d' = \mathrm{Inv}(d)$

SLIDE 46

A first solution... by Oswald, Mangard, Pramstaller and Rijmen

The formula applies recursively: they observe that an inverse in GF(2^4) may be computed using the isomorphism $GF(2^4) \cong GF(2^2)[X]/(P_{\alpha'}(X))$ and the formula of the previous slide. These formulas require an ”inversion” in GF(2^2), which is easy because $\mathrm{Inv}(x) = x^2$ for every element $x \in GF(2^2)$. From the above observation, it follows that the masking of the Inv(·) function may be achieved by masking compositions of polynomials over the nested extensions. Their scheme is proven to be perfect at order 1.

SLIDE 47

A first solution... by Oswald, Mangard, Pramstaller and Rijmen (cont.)

Remarks (cont.): In 2006, Oswald and Schramm proposed to use pre-computed tables in order to evaluate the polynomials. In 2008, Canright and Batina proposed a similar approach using a normal basis instead of the polynomial basis [1, α].

SLIDE 48

A second solution...by Kim, Hong and Lim

Based on the work of Satoh, Morioka, Takano and Munetoh, the following solution was proposed by Kim, Hong and Lim at CHES 2011. Consider the isomorphism $GF(2^8) \cong GF(((2^2)^2)^2)$, where $GF(((2^2)^2)^2)$ is the tower defined by:

$GF(2^2) = GF(2)[X]/(P_0(X))$ where $P_0(X) = X^2 + X + 1$

$GF(2^4) = GF(2^2)[X]/(P_1(X))$ where $P_1(X) = X^2 + X + \alpha$ and $\alpha$ is a root of $P_0(X)$

$GF(2^8) = GF(2^4)[X]/(P_2(X))$ where $P_2(X) = X^2 + X + (\alpha + 1) \cdot \beta$ and $\beta$ is a root of $P_1(X)$

SLIDE 49

A second solution...by Kim, Hong and Lim (cont.)

Remark: it is easy to check that $\mathrm{Tr}_{GF(2):GF(2)}(1) = 1$, $\mathrm{Tr}_{GF(2^2):GF(2)}(\alpha) = 1$ and $\mathrm{Tr}_{GF(2^4):GF(2)}((\alpha + 1) \cdot \beta) = 1$. Therefore $P_0$, $P_1$ and $P_2$ are irreducible.

SLIDE 50

A second solution...by Kim, Hong and Lim

Denote by $\gamma \in GF(2^8)$ a root of $P_2(X)$ and consider an element $A \in GF(2^8)$ written as $A = a_h \cdot \gamma + a_l$ with $a_h, a_l \in GF(2^4)$. In order to compute Inv(A) in GF(2^8), the method writes Inv(A) as $\mathrm{Inv}(A^{17}) \cdot A^{16}$.

SLIDE 51

A second solution...by Kim, Hong and Lim

It is easy to check that $\gamma^{16} = \gamma + 1$. Therefore $A^{16} = (a_h \cdot \gamma + a_l)^{16} = a_h \cdot \gamma + a_h + a_l$. Also, $A^{17} = A \cdot A^{16}$. Since $\gamma$ is a root of $P_2(X)$, we have:

$A^{17} = A \cdot A^{16} = (\alpha + 1) \cdot \beta \cdot a_h^2 + (a_h + a_l) \cdot a_l$.

SLIDE 52

A second solution...by Kim, Hong and Lim (cont.)

Observe that $A^{17}$ belongs to the multiplicative group of GF(2^4); therefore $\mathrm{Inv}(A^{17})$ can be computed in GF(2^4). Finally, $\mathrm{Inv}(A) = \mathrm{Inv}(A^{17}) \cdot A^{16} = \mathrm{Inv}(A^{17}) \cdot a_h \cdot \gamma + \mathrm{Inv}(A^{17}) \cdot (a_h + a_l)$. ⇒ the method consists in masking XORs, multiplications and an ”inversion” in GF(2^4) using known methods.
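An added example, not the authors' code: the tower GF(((2^2)^2)^2) of slides 48 to 52 built from $P_0$, $P_1$, $P_2$, the conjugate-and-norm inversion formula of Oswald et al. (slide 45) written once for any quadratic extension, and the check that $A^{17} = A \cdot A^{16}$ has no $\gamma$-component, so the only inversion happens in GF(2^4). The packing of an element $a_h \cdot \mathrm{root} + a_l$ into the integer `(a_h << k) | a_l`, the integer values chosen for $\alpha$ and $\beta$ under that packing, and the convention Inv(0) = 0 (as in the AES S-Box) are my assumptions.

```python
def gf4_mul(a, b):
    """GF(2^2) = GF(2)[X]/(P0), P0 = X^2 + X + 1.

    2-bit integers b1*w + b0 with w a root of P0, so w^2 = w + 1.
    """
    a1, a0, b1, b0 = a >> 1, a & 1, b >> 1, b & 1
    hh = a1 & b1
    return ((hh ^ (a1 & b0) ^ (a0 & b1)) << 1) | (hh ^ (a0 & b0))


def gf4_inv(a):
    """Every non-zero x in GF(2^2) satisfies x^3 = 1, so Inv(x) = x^2 (Inv(0) = 0)."""
    return gf4_mul(a, a)


def quadratic_extension(sub_mul, sub_inv, k, n):
    """Arithmetic of K[X]/(X^2 + X + n) over a k-bit subfield K, root called gamma.

    Returns (mul, conj, norm, inv) with
      conj(A) = A^(2^k) = a_h*gamma + (a_h + a_l)      since gamma^(2^k) = gamma + 1
      norm(A) = A * conj(A) = n*a_h^2 + a_h*a_l + a_l^2, an element of K
      inv(A)  = Inv(norm(A)) * conj(A)                  (slides 45 and 52)
    """
    mask = (1 << k) - 1

    def split(a):
        return a >> k, a & mask

    def mul(a, b):
        ah, al = split(a)
        bh, bl = split(b)
        hh = sub_mul(ah, bh)
        h = hh ^ sub_mul(ah, bl) ^ sub_mul(al, bh)   # gamma^2 = gamma + n
        l = sub_mul(hh, n) ^ sub_mul(al, bl)
        return (h << k) | l

    def conj(a):
        ah, al = split(a)
        return (ah << k) | (ah ^ al)

    def norm(a):
        ah, al = split(a)
        return sub_mul(sub_mul(ah, ah), n) ^ sub_mul(ah, al) ^ sub_mul(al, al)

    def inv(a):
        d_inv = sub_inv(norm(a))     # the single inversion, done in the subfield
        ah, al = split(a)
        return (sub_mul(ah, d_inv) << k) | sub_mul(ah ^ al, d_inv)

    return mul, conj, norm, inv


ALPHA = 0b10                      # root of P0 inside GF(2^2) (my packing)
gf16_mul, gf16_conj, gf16_norm, gf16_inv = quadratic_extension(gf4_mul, gf4_inv, 2, ALPHA)
BETA = 0b0100                     # root of P1 = X^2 + X + alpha inside GF(2^4) (my packing)
N2 = gf16_mul(ALPHA ^ 1, BETA)    # (alpha + 1) * beta, the constant term of P2
gf256_mul, gf256_conj, gf256_norm, gf256_inv = quadratic_extension(gf16_mul, gf16_inv, 4, N2)


def check_inverse(mul, inv, size):
    """True if A * Inv(A) = 1 for every non-zero A and Inv(0) = 0."""
    return inv(0) == 0 and all(mul(a, inv(a)) == 1 for a in range(1, size))


def a17_is_in_subfield(a):
    """Slide 52: A^17 = A * A^16 = (alpha+1)*beta*a_h^2 + (a_h + a_l)*a_l has no gamma term."""
    a17 = gf256_mul(a, gf256_conj(a))
    return a17 >> 4 == 0 and a17 == gf256_norm(a)
```

If one of the three polynomials were reducible, `check_inverse` would fail: some non-zero element would have norm 0 and no inverse, which is the operational meaning of the trace conditions on slide 49. In a masked implementation, `conj` and the additions are GF(2)-linear and are applied share by share; only the few subfield multiplications in `norm`, `inv` and the recursive `gf16_inv` need a secure product.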

SLIDE 53

Conclusion:

Method based on AMtoMM/MMtoAM conversions [Genelle, Prouff and Q.]: works for any power, proven secure, available at any order.

Method based on ”Square and Multiply” and ”Addition Chains” [Blömer, Merchan and Krummel][Rivain, Prouff]: works for any power, proven secure, available at any order, less efficient than the method based on AMtoMM/MMtoAM.

Method based on the tower field representation [Kim, Hong and Lim]: works only for the AES power, proven secure, available at any order. More efficient than the method based on AMtoMM/MMtoAM in the particular case of the AES exponent.

SLIDE 54

Thanks for your attention! Any questions?
