Performance evaluation of protocols resilient to physical attacks

Cryptographic implementations are vulnerable to physical attacks. Many countermeasures to resist them have been proposed in the past. However, they are all specific to a given attacker and allow to mitigate the risk only up to a certain level: improved attacks on those countermeasures can most of the time be devised. Therefore, a new trend consists in making cryptographic implementations resilient to physical attacks. This strategy makes it possible to prove the countermeasure against all possible types of attackers captured by a security model. Several resilient schemes for the protection of block ciphers exist. For a given security objective, they all permit to reach the same security level. Therefore, they differentiate only according to their efficiency. We first show that the genuine versions of these protocols achieve different I/O bandwidth and computational performance. Our second contribution is to improve those protocols thanks to a message blinding, assuming passive attacks require more than two traces to be successful. Then, we bring as a third contribution the fact that the improved versions of the protocols are very much alike, and that the difference between them depends only from the specific details of their instantiation.