Title :
Slicing up a perfect hardware masking scheme
Author :
Chen, Zhimin ; Schaumont, Patrick
Author_Institution :
Electr. & Comput. Eng. Dept., Virginia Polytech. Inst. & State Univ., Blacksburg, VA
Abstract :
Masking is a side-channel countermeasure that randomizes side-channel leakage, such as the power dissipation of a circuit. Masking is only effective on the condition that the internal random mask remains a secret. Previous research has illustrated how a successful estimation of the mask bit in circuit-level masking leads to successful side-channel attacks. In this paper, we extend this concept to algorithmic masking, which uses multi-bit masks. Our key observation is that the power dissipation of a masked circuit and the mask value are not independent. We exploit this property by using a slice of the power samples obtained by partial selection. This slice has a statistically biased mask, even when the mask signal itself is generated with a uniform distribution. We demonstrate this attack by showing how a perfectly masked AES SBox can be broken using part of the observed power samples, while the same circuit remains secure if we use all of the observed power samples.
Keywords :
low-power electronics; power aware computing; security of data; AES SBox; algorithmic masking; internal random mask; multi-bit masks; perfect hardware masking scheme slicing; power dissipation; side-channel countermeasure; side-channel leakage; statistically biased mask; Algorithm design and analysis; Boolean functions; Hardware; Logic circuits; Microcontrollers; Power dissipation; Power engineering and energy; Power engineering computing; Random variables; Signal generators; Differential Power Analysis masking; Side-channel Attack; slice;
Conference_Titel :
Hardware-Oriented Security and Trust, 2008. HOST 2008. IEEE International Workshop on
Conference_Location :
Anaheim, CA
Print_ISBN :
978-1-4244-2401-6
DOI :
10.1109/HST.2008.4559041
