On the Security of Partially Masked Software Implementations

Alessandro Barenghi, Gerardo Pelosi


Providing sound countermeasures against passive side channel attacks has received large interest in open literature. The scheme proposed in [Ishai et al., 2003] secures a computation against a d-probing adversary splitting it into d+1 shares, albeit with a significant performance overhead (5x to 20x). We maintain that it is possible to apply such countermeasures only to a portion of the cipher implementation, retaining the same computational security, backing a widespread intuition present among practitioners. We provide the sketch of a computationally bound attacker model, adapted as an extension of the one in [Ishai et al., 2003], and detail the resistance metric employed to estimate the computational effort of such an attacker, under sensible assumptions on the characteristic of the device leakage (which is, to the current state of the art, still lacking a complete formalization).


  1. Agosta, G., Barenghi, A., Maggi, M., and Pelosi, G. (2013a). Compiler-based Side Channel Vulnerability Analysis and Optimized Countermeasures Application. In DAC, page 81. ACM.
  2. Agosta, G., Barenghi, A., and Pelosi, G. (2012). A Code Morphing Methodology to Automate Power Analysis Countermeasures. In Groeneveld, P., Sciuto, D., and Hassoun, S., editors, DAC, pages 77-82. ACM.
  3. Agosta, G., Barenghi, A., Pelosi, G., and Scandale, M. (2013b). Enhancing Passive Side-Channel Attack Resilience through Schedulability Analysis of DataDependency Graphs. In Lopez, J., Huang, X., and Sandhu, R., editors, NSS, volume 7873 of Lecture Notes in Computer Science, pages 692-698. Springer.
  4. Agosta, G., Barenghi, A., Pelosi, G., and Scandale, M. (2014). A Multiple Equivalent Execution Trace Approach to Secure Cryptographic Embedded Software. In DAC, pages 1-6. ACM.
  5. Barenghi, A., Pelosi, G., and Terraneo, F. (2013). Secure and Efficient Design of Software Block Cipher Implementations on Microcontrollers. IJGUC, 4(2/3):110- 118.
  6. Coron, J.-S. (2014). Higher order masking of look-up tables. In Nguyen, P. Q. and Oswald, E., editors, EUROCRYPT, volume 8441 of LNCS, pages 441-458. Springer.
  7. Coron, J.-S. and Kizhvatov, I. (2010). Analysis and Improvement of the Random Delay Countermeasure of CHES 2009. In Cryptographic Hardware and Embedded Systems, pages 95-109.
  8. Coron, J.-S., Prouff, E., and Rivain, M. (2007). Side Channel Cryptanalysis of a Higher Order Masking Scheme. In Paillier, P. and Verbauwhede, I., editors, CHES, volume 4727 of LNCS, pages 28-44. Springer.
  9. Debraize, B. (2012). Efficient and provably secure methods for switching from arithmetic to boolean masking. In Prouff, E. and Schaumont, P., editors, CHES, volume 7428 of LNCS, pages 107-121. Springer.
  10. Galea, J. L., Martin, D., Oswald, E., Page, D., and Stam, M. (2014). Making and breaking leakage simulators. Cryptology ePrint Archive, Report 2014/357. http://eprint.iacr.org/.
  11. Garcia, F. D., van Rossum, P., Verdult, R., and Schreur, R. W. (2009). Wirelessly Pickpocketing a Mifare Classic Card. In IEEE Symposium on Security and Privacy, pages 3-15. IEEE CS.
  12. Ishai, Y., Sahai, A., and Wagner, D. (2003). Private Circuits: Securing Hardware against Probing Attacks. In Boneh, D., editor, CRYPTO, volume 2729 of LNCS, pages 463-481. Springer.
  13. Mangard, S., Oswald, E., and Popp, T. (2007). Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer.
  14. Moradi, A., Barenghi, A., Kasper, T., and Paar, C. (2011). On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks: Extracting Keys from Xilinx Virtex-II FPGAs. In Chen, Y., Danezis, G., and Shmatikov, V., editors, ACM CCS, pages 111- 124. ACM.
  15. O'Flynn, C. and Chen, Z. (2012). A Case Study of SideChannel Analysis Using Decoupling Capacitor Power Measurement with the OpenADC. In GarcĂ­a-Alfaro et al., J., editor, FPS, volume 7743 of LNCS, pages 341-356. Springer.
  16. Prouff, E. and Rivain, M. (2013). Masking against SideChannel Attacks: A Formal Security Proof. In Johansson, T. and Nguyen, P. Q., editors, EUROCRYPT, volume 7881 of LNCS, pages 142-159. Springer.
  17. Rivain, M. and Prouff, E. (2010). Provably Secure HigherOrder Masking of AES. In Cryptographic Hardware and Embedded Systems, CHES, pages 413-427.
  18. Schramm, K. and Paar, C. (2006). Higher Order Masking of the AES. In Pointcheval, D., editor, CT-RSA, volume 3860 of LNCS, pages 208-225. Springer.
  19. Tillich, S. and Herbst, C. (2008). Attacking State-of-the-Art Software Countermeasures-A Case Study for AES. In Oswald, E. and Rohatgi, P., editors, CHES, volume 5154 of LNCS, pages 228-243. Springer.
  20. Whitnall, C., Oswald, E., and Standaert, F.-X. (2014). The Myth of Generic DPA...and the Magic of Learning. In Benaloh, J., editor, CT-RSA, volume 8366 of LNCS, pages 183-205. Springer.

Paper Citation

in Harvard Style

Barenghi A. and Pelosi G. (2014). On the Security of Partially Masked Software Implementations . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 492-499. DOI: 10.5220/0005120504920499

in Bibtex Style

author={Alessandro Barenghi and Gerardo Pelosi},
title={On the Security of Partially Masked Software Implementations},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},

in EndNote Style

JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - On the Security of Partially Masked Software Implementations
SN - 978-989-758-045-1
AU - Barenghi A.
AU - Pelosi G.
PY - 2014
SP - 492
EP - 499
DO - 10.5220/0005120504920499