Low-Latency Masked Gadgets Robust against Physical Defaults with Application to Ascon

Gaëtan Cassiers, François-Xavier Standaert, Corentin Verhamme
DOI: 10.46586/tches.v2024.i3.603-633 (https://doi.org/10.46586/tches.v2024.i3.603-633)
Journal: IACR Transactions on Cryptographic Hardware and Embedded Systems
Publication date: 2024-07-18
Publication type: Journal article
Record source: Semanticscholar
Citations: 0

Abstract

Low-latency masked hardware implementations are known to be a difficult challenge. On the one hand, the propagation of glitches can falsify their independence assumption (which is required for security) and can only be stopped by registers. This implies that glitch-robust masked AND gates (maintaining a constant number of shares) require at least one cycle. On the other hand, Knichel and Moradi's only known single-cycle multiplication gadget that ensures (composable) security against glitches for any number of shares requires additional care to maintain security against transition-based leakages. For example, it cannot be integrated in a single-cycle round-based architecture, which is a natural choice for low-latency implementations. In this paper, we therefore describe the first single-cycle masked multiplication gadget that is trivially composable and provides security against transitions and glitches, and prove its security in the robust probing model. We then analyze the interest of this new gadget for the secure implementation of the future lightweight cryptography standard Ascon, which has good potential for low latency. We show that it directly leads to improvements for uniformly protected implementations (where all computations are masked). We also show that it can be handy for integration in so-called leveled implementations (where only the key derivation and the tag generation are masked, which provides integrity with leakage in encryption and decryption and confidentiality with leakage in encryption only). Most importantly, we show that it is very attractive for implementations that we denote as multi-target, which can alternate between uniformly protected and leveled implementations, without latency overheads and at limited cost. We complete these findings by evaluating different protected implementations of Ascon, clarifying its hardware design space.