The invention relates in general to the field of cryptography and more specifically the field of protecting cryptographic calculations from spying out. In particular, the invention relates to the transition from a first masking of a value to be kept secret, based on a Boolean masking rule, to a second masking of the value to be kept secret, based on an additive masking rule. The invention is particularly suitable for the use in a portable data carrier. Such a portable data carrier can, for example, be configured as a chip card (smart card) or as an insertable chip module or as a chip module permanently integrated in a portable device or as a portable resource-limited system.
Portable data carriers are often employed for security-critical applications, for example for the authentication in mobile telephony, as cash cards, as signature cards or signature tokens for electronic signatures and so on. Since unauthorised use could cause considerable damage, the secret data stored on such data carriers must be reliably protected from spying out and manipulation.
A known type of attack for spying out data is the so-called side channel attack, in which conclusions about the processed data are drawn from measurements taken during program execution. For example, the current consumption of the data carrier and/or other physical parameters such as electromagnetic emissions or program runtimes can be measured and evaluated. Either the measured properties of one single calculation sequence are examined (e.g. SPA, Simple Power Analysis), or many calculation sequences are observed and statistically evaluated (e.g. DPA, Differential Power Analysis).
In general, one distinguishes between side channel attacks of first, second, third, etc. orders. In a first-order side channel attack, the attacker is able to ascertain one single value occurring during the calculation, that is e.g. the value which is in a certain register of a processor of the data carrier at a certain point in time. In a second-order side channel attack, the attacker is able to ascertain two such values, that is e.g. the content of a processor register at two different points in time, or the content of two registers at a point in time. Accordingly, with a third-order side channel attack three values are spied out, and so on.
For thwarting side channel attacks, a protection measure by software is known which consists in masking data to be kept secret before carrying out cryptographic calculations, i.e. falsifying them with a value referred to as a mask. The mask is selected as a random value before each execution of the cryptographic calculation—or at other points in time. The cryptographic calculation is then not carried out with the data to be kept secret, but with their masked representation. Even if an attacker succeeds in ascertaining the masked representation by a first-order side channel attack, no conclusions can be drawn therefrom about the data to be kept secret because of the masking.
A masking of a value to be kept secret can be based on different masking rules. The masking rule indicates the calculation rule according to which the data to be protected are linked to the mask in order to obtain the masked representation. Which masking rule is suitable depends on the type of cryptographic calculation.
If the cryptographic calculation substantially consists of bitwise operations, as a masking rule there is often suitable an exclusive-or-operation (xor operation; in this document also referred to by the operator symbol ⊕). That is, from a value d to be kept secret, a masked representation x with x=d⊕s is derived, where s is the randomly selected mask. Such a masking rule and also related masking rules, which e.g. have additional inversions of individual bits, in this document are referred to as Boolean masking rules, and the masks used are referred to as Boolean masks.
However, if the cryptographic calculation substantially consists of byte- or word-wise additions or comparable operations, an addition or subtraction often makes sense as a masking rule. Instead of the value d to be kept secret, there is thus processed e.g. a masked representation x with one of the masking rules x=d+r mod 2^n, x=d−r mod 2^n, x=r−d mod 2^n or x=−(d+r) mod 2^n, where n is the bit width with which the calculations are executed. In the present document, such masking rules and also related masking rules, in which e.g. a multiplication by a constant factor also takes place, are referred to as additive masking rules, regardless of whether an addition or a subtraction is executed when masking. This corresponds to the usual terminology according to which both addition and subtraction are regarded as additive operations. Accordingly, the masks used are referred to as additive masks.
If implemented without error, the Boolean and additive masking rules just mentioned prevent first-order side channel attacks. But these rules offer no protection against second-order side channel attacks, because e.g. with the Boolean masking rule an attacker who spies out the two values x and s can compute from them the value d=x⊕s to be kept secret. However, according to the applicant's internal state of the art, protection against second-order side channel attacks can be achieved by masking with two randomly selected masks. For example, a Boolean masking with two randomly selected masks s1, s2 and the masking rule x=d⊕s1⊕s2 is secure against second-order side channel attacks, since any two of the three values x, s1, s2 are jointly independent of d. The same applies to an additive masking with two randomly selected masks r1, r2 and a masking rule of the form x=±d±r1+r2 mod 2^n, and thus for example x=d+r1+r2 mod 2^n.
Irrespective of the number of masks and of the “strength” of the protection achieved, a difficulty arises when during the cryptographic calculation operations are successively executed that are only compatible with different masking rules. This is the case, for example, with symmetrical encryption methods such as IDEA (International Data Encryption Algorithm), SAFER K-64 and RC5 as well as hash algorithms such as MD5 or SHA-1. For some sections of these algorithms, a Boolean masking is useful, while additive masking is more advantageous for other sections.
At the interfaces between these sections it is therefore necessary to create a transition from one type of masking to the other. Here, too, attention has to be paid that an attacker cannot obtain any usable information about the value to be protected. For example, it is therefore out of the question to first recover the value d to be kept secret from the masked representation x by an xor operation with the Boolean mask s and then to calculate the new masked representation from the value d and an additive mask r, since d would then be present in plaintext.
From the printed patent specification EP 1 596 527 B1, a method is known for the masking transition from a Boolean masking of a value to be kept secret to an additive masking of the value to be kept secret. This procedure has proved to be very helpful in practice, but it is only protected against first-order side channel attacks.
In the article “A Sound Method for Switching between Boolean and Arithmetic Masking” by L. Goubin, published in the conference proceedings of the “Workshop on Cryptographic Hardware and Embedded Systems 2001 (CHES 2001)”, volume 2162 of the Lecture Notes in Computer Science, Springer-Verlag, 2001, pages 3-15, methods of masking transition are described which are protected against first-order side channel attacks. In these methods, a new masked representation of the value to be kept secret is calculated without changing the mask. These procedures are also disclosed in the laid-open print WO 02/065692 A1.
The article “Efficient and Provably Secure Methods for Switching from Arithmetic to Boolean Masking” by Blandine Debraize, published in the conference proceedings of the “Workshop on Cryptographic Hardware and Embedded Systems 2012 (CHES 2012)”, Volume 7428 of the Lecture Notes in Computer Science, Springer-Verlag, 2012, pages 107-121, describes another method, protected against spying out, of masking transition that is referred to as secure against first-order side channel attacks and as particularly efficient.
A protection against first-order side channel attacks is already an important advantage. Recently, however, it has become increasingly important to also offer protection against second-order side channel attacks. This is e.g. a requirement for certain security levels of the Common Criteria for Information Technology Security Evaluation according to the ISO/IEC 15408 standard, and also for EMVCo evaluations. It would therefore be desirable to supply a masking transition method which includes an increased protection against side channel attacks compared to known methods. Further, it would be desirable if the procedure could be implemented efficiently despite the high level of security offered.
It is the object of the invention to create an advantageous technique for the transition, protected against spying out, from a Boolean masking of a value to be kept secret to an additive masking of the value to be kept secret, which is protected against second-order side channel attacks.
The invention starts out from the basic idea of executing the masking transition in the form of a total of three simpler masking transitions. These masking transitions are referred to in the description and the claims as “first”, “second” and “third” masking transitions. However, this is merely intended to provide a clearer presentation and is not intended to imply an order of execution. Depending on the implementation and the order in which certain intermediate results are generated and required, other orders of the masking transitions and/or a wholly or partially parallel or wholly or partially interleaved execution are also possible and provided.
The method according to the invention is secured against second-order side channel attacks, among other things, by the result of the first masking transition, namely the first additive mask, itself being a masked representation in which an obfuscation value serving as Boolean mask is used. This obfuscation value is converted into an additive correction value in the second masking transition. In the third masking transition, the second additive mask is determined. In some embodiments the correction value may be incorporated in the second mask, in other embodiments it can be output separately from the second mask, and in still further embodiments it can be used in other ways.
In some configurations, the obfuscation value serving as a Boolean mask and/or further obfuscation values are determined randomly. For example, a total of three random obfuscation values can be provided for one course of the method. In some embodiments, the three masking transitions are executed with three different base values, one of which can be the value to be kept secret. Of course, this does not mean that this value is present in plaintext (and would therefore be vulnerable to be spied out), but only means that the masking transition uses this base value conceptually.
Altogether, the method preferably serves for the protection against second-order side-channel attacks, even if, as is provided in some embodiments, at least one or at least two of the simpler masking transitions (when regarded alone) is or are only protected against first-order side channel attacks.
Preferably, the masking transition method is embedded between two sections of a cryptographic calculation. In some configurations, here, at first the masked representation is generated or processed by an operation compatible with the Boolean masking rule, then the masking transition is effected, and finally the masked representation is further processed by an operation compatible with the additive masking rule.
The computer program product of the invention includes program commands, in order to implement the method of the invention. Such a computer program product can be a physical medium, e.g. a semiconductor memory or a CD-ROM. The computer program product can also be a non-physical medium, however, e.g., a signal transmitted via a computer network. In particular, the computer program product may contain program commands which are introduced into a portable data carrier or chip module in the course of its manufacture or initialization or personalization.
The device according to the invention can in particular be a portable data carrier, e.g. a chip card or a chip module. Such a data carrier contains in the way known in the art at least one processor, several memories configured with different technologies and various auxiliary modules such as e.g. interface circuits, timers and connection elements.
In preferred developments, the computer program product and/or the device have features which correspond to the features mentioned in the present description and/or stated in the dependent method claims.
Further features, objects and advantages of the invention can be found in the following description of several exemplary embodiments, alternative embodiments and exemplary implementations. Reference is made to the schematic drawing.
In
The second section 14 of the cryptographic calculation comprises further operations, which, however, are not compatible with the Boolean masking rule, but only with an additive masking rule. In the present embodiment example, the masking rule used in the second section 14 is x=d+r1a+r2a mod 2^n, where r1a and r2a are each an additive mask and n indicates the word width in bits of the calculation performed. The masking transition method 10 should therefore determine, from the first masking of the value d to be kept secret with the Boolean masks s1, s2, a second masking which includes two additive masks r1a and r2a. In the configuration described first here, the masked representation x is to remain unchanged during the execution of the masking transition method 10, while this is not the case in other configurations described later.
In the embodiment example described here, the masking transition method 10 includes a total of three simpler masking transitions 16, 18, 20. These masking transitions 16, 18, 20 are here also referred to as “first”, “second” and “third” masking transitions. This, however, only serves to simplify the naming without implying an order of execution. In implementation variants, the three masking transitions 16, 18, 20 can be executed in a different order or e.g. in an interleaved fashion, i.e. for example first a part of the third masking transition 20, which does not require the correction value a, and only then the second masking transition 18.
Before describing the masking transitions 16, 18, 20 in more detail, now two general formulas are explained for a better understanding, with which masking transitions can be executed in a manner protected against first-order side channel attacks.
A masked representation x of a base value d to be kept secret with a Boolean mask s is given, so that x=d⊕s. What is to be calculated is an arithmetic mask r with which the same masked representation x represents the base value d, i.e. for which x=d+r mod 2^n with a given calculation bit width n. In order to secure the calculation against a first-order side channel attack, a random obfuscation value z is introduced. The arithmetic mask r then results from the formula:
r=((d⊕s⊕z)−(d⊕z))⊕s⊕((s⊕z)−z)
This relation, hereinafter referred to as the "XOR2ADD formula", is already known in slightly modified form from EP 1 596 527 B1. The correctness of the XOR2ADD formula follows from a consideration of the function F(x, s):=(x−(x⊕s)) mod 2^n. For the masked representation x of the base value d and the Boolean mask s mentioned above, the value F(x, s) is the additive mask r sought, because d+F(x, s)=d+(x−(x⊕s))=d+x−d=x. For the mapping F(_, s) it holds that F(x⊕y, s)=F(x, s)⊕F(y, s)⊕F(0, s), i.e. F(_, s) is affine over GF(2), with F(0, s)=−s mod 2^n. This results in the following equation chain:
The XOR2ADD formula follows by replacing the value x by d⊕s in the just derived relation for r.
The above mentioned XOR2ADD formula can be extended by using not only one random obfuscation value z, but two obfuscation values z1 and z2. Depending on the security requirements, the obfuscation values z1, z2 may each be random in themselves, or there may be certain dependencies either between the obfuscation values z1, z2 among themselves or between one of the obfuscation values z1, z2 and another value. Using the two obfuscation values z1, z2, the arithmetic mask r then results from the following relation, which is referred to here as the “extended XOR2ADD formula”:
r=((d⊕s⊕z1⊕z2)−(d⊕z1⊕z2))⊕((s⊕z1)−z1)⊕((s⊕z2)−z2)
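The two formulas above can be checked exhaustively for a small word width, which is also how the patent later reports validating its implementations. The following Python is an added example and not code from the patent; it assumes n=4 and writes both formulas in terms of the masked representation x=d⊕s (using d⊕s⊕z=x⊕z and d⊕z=x⊕s⊕z), so that d itself never enters the computation. The names sub, F, xor2add and xor2add_ext are chosen here.

```python
# Added example, not code from the patent: exhaustive check of the XOR2ADD
# formula and its extended form for word width n = 4. Names are assumptions.
from itertools import product

N = 4                 # calculation bit width n (kept small so exhaustion is cheap)
MASK = (1 << N) - 1   # reduction mod 2^n


def sub(a, b):
    """(a - b) mod 2^n."""
    return (a - b) & MASK


def F(x, s):
    """F(x, s) := (x - (x XOR s)) mod 2^n, the additive mask matching Boolean mask s."""
    return sub(x, x ^ s)


def xor2add(x, s, z):
    """XOR2ADD formula, written on the masked representation x = d XOR s:
    d XOR s XOR z == x XOR z and d XOR z == x XOR s XOR z, so d is never needed."""
    return sub(x ^ z, x ^ s ^ z) ^ s ^ sub(s ^ z, z)


def xor2add_ext(x, s, z1, z2):
    """Extended XOR2ADD formula with two obfuscation values z1, z2."""
    return sub(x ^ z1 ^ z2, x ^ s ^ z1 ^ z2) ^ sub(s ^ z1, z1) ^ sub(s ^ z2, z2)


def affine_property_holds():
    """F(x XOR y, s) == F(x, s) XOR F(y, s) XOR F(0, s) for every x, y, s."""
    return all(F(x ^ y, s) == F(x, s) ^ F(y, s) ^ F(0, s)
               for x, y, s in product(range(1 << N), repeat=3))


def xor2add_correct():
    """d + xor2add(d XOR s, s, z) == d XOR s (mod 2^n) for every d, s, z."""
    return all((d + xor2add(d ^ s, s, z)) & MASK == d ^ s
               for d, s, z in product(range(1 << N), repeat=3))


def xor2add_ext_correct():
    """Same check for the extended formula over every d, s, z1, z2."""
    return all((d + xor2add_ext(d ^ s, s, z1, z2)) & MASK == d ^ s
               for d, s, z1, z2 in product(range(1 << N), repeat=4))


if __name__ == "__main__":
    print("affine property:", affine_property_holds())
    print("XOR2ADD:", xor2add_correct())
    print("extended XOR2ADD:", xor2add_ext_correct())
```

Running the block prints True three times. Note that the formulas never subtract the unmasked d from anything: every operand of a subtraction is x or a mask combined with the obfuscation value, which is what makes the computation first-order safe in the first place.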
As already briefly explained above, the masking transition method 10 in the embodiment example shown in
In an experimental approach, which is now first described as an introduction to the embodiment example, two additive masks r1, r2 with x=d+r1+r2 would be determined by first performing an “inner” masking transition from d⊕s1 to d+r1 and then an “outer” masking transition from (d+r1)⊕s2 to (d+r1)+r2. Each of these two masking transitions is effected according to the experimental approach according to the extended XOR2ADD formula with suitable obfuscation values. Thus, according to the experimental approach, the value r1 with two obfuscation values z1, z2 results from the following relation, which is referred to as “(A0)”:
r1=((d⊕s1⊕z1⊕z2)−(d⊕z1⊕z2))⊕((s1⊕z1)−z1)⊕((s1⊕z2)−z2)
When analysing the experimental approach just described, however, the inventors surprisingly realized that the calculation of r1 according to the relation (A0) is susceptible to second-order side channel attacks: an attacker who learns the two values r1 and s1 can draw conclusions about the value d to be kept secret, since r1=(d⊕s1)−d mod 2^n depends on d irrespective of the obfuscation values z1, z2. In the embodiment example described now, the experimental approach is hence modified to the extent that the first masking transition 16 does not determine the additive mask r1 corresponding to the Boolean mask s1, but instead a value r1a modified compared to r1. The value r1a, which is the first of the two masks sought, is the Boolean masking of the value r1 with a further Boolean mask, namely a randomly selected obfuscation value a. Thus r1a=r1⊕a, from which the following relation (A1) results by inserting the above relation (A0):
r1a=((d⊕s1⊕z1⊕z2)−(d⊕z1⊕z2))⊕((s1⊕z1)−z1)⊕((s1⊕z2)−z2)⊕a
Since in the equation x=d⊕s1⊕s2 the exclusive-or-operations can be shifted arbitrarily from the right to the left side, the relation (A1) can also be written as relation (A2) as follows:
r1a=((x⊕s2⊕z1⊕z2)−(x⊕s1⊕s2⊕z1⊕z2))⊕((s1⊕z1)−z1)⊕((s1⊕z2)−z2)⊕a
The relation (A2) represents the first masking transition 16 according to the embodiment example described here. With a suitable implementation, the calculation of the relation (A2) is secure against second-order side channel attacks.
Since according to (A2) the value r1a was calculated instead of the actually desired value r1, a correction step is required in the embodiment example described here, in which the Boolean obfuscation value a is converted into a corresponding additive correction value α. As already mentioned, the value a is the mask of a Boolean masking r1a=r1⊕a of the value r1. In the correction step, the Boolean mask a with the base value r1 is therefore converted into a corresponding additive mask α, for which r1a=r1+α mod 2^n. For this, the non-extended XOR2ADD formula (with d:=r1 and s:=a) and a further random obfuscation value z3 are used, so that the following relation (B) results:
α=((r1⊕a⊕z3)−(r1⊕z3))⊕a⊕((a⊕z3)−z3)
In the embodiment example described here, the relation (B) represents the second masking transition 18. The value r1 does not have to be used explicitly for the calculation of α; knowledge of the values r1a=r1⊕a and a is sufficient, since r1⊕a⊕z3=r1a⊕z3 and r1⊕z3=r1a⊕a⊕z3.
Now, a further masking transition is required, which in the present embodiment example is based on the “outer” masking transition of the above-described experimental approach from (d+r1)⊕s2 to (d+r1)+r2. For this, the extended XOR2ADD formula and two further obfuscation values z4, z5 are used, so that the following relation designated as “(C0)” results:
r2=(((d+r1)⊕s2⊕z4⊕z5)−((d+r1)⊕z4⊕z5))⊕((s2⊕z4)−z4)⊕((s2⊕z5)−z5)
Since it holds that x=(d+r1)⊕s2 (because d⊕s1=d+r1 mod 2^n), the relation (C0) can also be written as relation (C2) as follows:
r2=((x⊕z4⊕z5)−(x⊕s2⊕z4⊕z5))⊕((s2⊕z4)−z4)⊕((s2⊕z5)−z5)
By using the two obfuscation values z4 and z5, no further protective measures against second-order side channel attacks are required. However, the result r2 is not yet the desired second additive mask r2a, because the use of the obfuscation value a has increased the first additive mask r1a, compared to r1, by the value α. This correction value α must now be subtracted from the result r2, so that the second additive mask r2a with r2a=r2−α results. In total, the second mask r2a is thus determined by the following relation (C3):
r2a=r2−α=(((x⊕z4⊕z5)−(x⊕s2⊕z4⊕z5))⊕((s2⊕z4)−z4)⊕((s2⊕z5)−z5))−α
In the embodiment example described here, the relation (C3) represents the third masking transition 20.
Altogether, the two additive masks r1a (according to relation (A2)) and r2a (according to relation (C3)) thus obtained form the desired result of the masking transition method 10, because it holds that:
x=d+r1+r2=d+(r1a−α)+(r2a+α)=d+r1a+r2a
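The three transitions (A2), (B) and (C3) carried out end-to-end on masked values only, as an added example that is not the patent's own implementation: n=4, the function and variable names, and the use of secrets for the obfuscation values in the stand-alone run are all assumptions made here. The block also checks the claim made above about the experimental relation (A0): it computes, exhaustively, the mutual information between d and the pair (r1, s1), and between d and the pair (r1a, s1) once r1 is masked with a.

```python
# Added example, not the patent's own implementation: the three masking
# transitions (A2), (B), (C3) on masked values only, with an exhaustive
# correctness check and a leakage comparison of (A0) against (A2). n = 4
# and all function names are assumptions made here.
from collections import Counter
from itertools import product
from math import log2
import secrets

N = 4
MASK = (1 << N) - 1


def sub(a, b):
    """(a - b) mod 2^n."""
    return (a - b) & MASK


def xor2add(x, s, z):
    """Non-extended XOR2ADD on x = d XOR s: returns r with x = d + r mod 2^n."""
    return sub(x ^ z, x ^ s ^ z) ^ s ^ sub(s ^ z, z)


def xor2add_ext(x, s, z1, z2):
    """Extended XOR2ADD with two obfuscation values."""
    return sub(x ^ z1 ^ z2, x ^ s ^ z1 ^ z2) ^ sub(s ^ z1, z1) ^ sub(s ^ z2, z2)


def fresh_obfuscation():
    """Six random obfuscation values (a, z1, z2, z3, z4, z5)."""
    return tuple(secrets.randbelow(1 << N) for _ in range(6))


def boolean_to_additive_2nd_order(x, s1, s2, rnd):
    """Given x = d XOR s1 XOR s2, return (r1a, r2a) with x = d + r1a + r2a mod 2^n.
    x is left unchanged and d never appears in the computation."""
    a, z1, z2, z3, z4, z5 = rnd
    # (A2): first transition; x XOR s2 == d XOR s1, result masked with a: r1a = r1 XOR a
    r1a = xor2add_ext(x ^ s2, s1, z1, z2) ^ a
    # (B): second transition; Boolean mask a of r1 -> additive alpha, r1a = r1 + alpha
    alpha = xor2add(r1a, a, z3)
    # (C2): outer transition on x == (d + r1) XOR s2; (C3): take alpha out again
    r2 = xor2add_ext(x, s2, z4, z5)
    r2a = sub(r2, alpha)
    return r1a, r2a


def transition_correct():
    """x == d + r1a + r2a mod 2^n for all d, s1, s2 and several obfuscation tuples."""
    tuples = [(0,) * 6, (MASK,) * 6] + [fresh_obfuscation() for _ in range(3)]
    for d, s1, s2 in product(range(1 << N), repeat=3):
        x = d ^ s1 ^ s2
        for rnd in tuples:
            r1a, r2a = boolean_to_additive_2nd_order(x, s1, s2, rnd)
            if (d + r1a + r2a) & MASK != x:
                return False
    return True


def mutual_information(observe, rand_bits):
    """I(d; observe(d, rnd)) in bits, d uniform n-bit, rnd uniform rand_bits-bit."""
    joint, marg = Counter(), Counter()
    for d, rnd in product(range(1 << N), range(1 << rand_bits)):
        o = observe(d, rnd)
        joint[(d, o)] += 1
        marg[o] += 1
    total = (1 << N) * (1 << rand_bits)
    return sum(c / total * log2((c / total) / ((marg[o] / total) / (1 << N)))
               for (d, o), c in joint.items())


def observe_a0(d, rnd):
    """Second-order probe on (A0): the output r1 together with the mask s1.
    r1 = (d XOR s1) - d mod 2^n regardless of z1, z2."""
    s1 = rnd & MASK
    return sub(d ^ s1, d), s1


def observe_a2(d, rnd):
    """Same probe on (A2): the output r1a = r1 XOR a together with s1."""
    s1, a = rnd & MASK, rnd >> N
    return sub(d ^ s1, d) ^ a, s1


def leak_a0():
    return mutual_information(observe_a0, N)


def leak_a2():
    return mutual_information(observe_a2, 2 * N)


if __name__ == "__main__":
    d, s1, s2 = 5, 3, 12
    x = d ^ s1 ^ s2
    r1a, r2a = boolean_to_additive_2nd_order(x, s1, s2, fresh_obfuscation())
    print(f"x={x}: d + r1a + r2a mod 2^n = {(d + r1a + r2a) & MASK}")
    print("exhaustive correctness:", transition_correct())
    print(f"I(d; r1, s1) = {leak_a0():.3f} bits, I(d; r1a, s1) = {leak_a2():.3f} bits")
```

The leakage check makes the point of relation (A1) concrete: the pair (r1, s1) from (A0) reveals the bits of d at every position where s1 has a bit set (except the top bit, whose sign is lost mod 2^n), whereas masking r1 with the uniformly random a makes (r1a, s1) independent of d. Exhaustion over every obfuscation tuple is not feasible even at n=4 (six 4-bit values), so the correctness check uses the two extreme tuples plus a few random ones; the formulas' correctness for arbitrary z follows from the first-order XOR2ADD check.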
It is to be understood that in alternative embodiments various modifications of the embodiment example just described are possible. For example, the method can be modified in such a way that not the corrected value r2a is output as the second mask, but instead the uncorrected value r2 and separately therefrom the correction value α.
Further, in the above-described embodiment example, besides the obfuscation value a five further obfuscation values z1, z2, z3, z4 and z5 are employed. In a simple but not very efficient implementation, independent random numbers can be used for all of these values. For optimization reasons, however, implementations are also provided in which the obfuscation values are derived from fewer random numbers. Of course, one must make sure that the method's protection against spying out is not impaired. As can be seen from the two following exemplary implementations, however, it is possible to reduce the number of independent random numbers for the masking transition method 10 to three without compromising the protection against spying out.
As already mentioned, various modifications of the masking transition method 10 are further provided, in which the masking transitions 16, 18 and 20—or parts thereof—are executed in a different order than that described above.
In the following, two further embodiment examples of the masking transition method are depicted with reference to two exemplary implementations. In order to avoid misunderstandings, it should be noted that the naming conventions used in the following differ from those of the embodiment example described above.
The first exemplary implementation starts out from the input values x, y and z, where y and z are Boolean masks and x is a masked representation of a base value d to be kept secret (which is not available as input value). Thus, it holds that x=d⊕y⊕z. Then the following method steps are executed:
As a result, one obtains the two additive masks r1a and r2a as well as a changed masked representation xm of the base value d. Altogether, it holds that:
xm=x⊕r⊕s=d⊕(y⊕r)⊕(z⊕s)=d+r1a+r2a
The just described first implementation contains 29 elementary operations. However, the input-masked representation x differs from the output-masked representation xm. This is acceptable for many applications. For applications in which the masked representation is not to be changed by the masking transition, the following second implementation can be employed. This second implementation does not introduce any additional intermediate values and differs from the first implementation with regard to the naming of the input values and output values as well as with regard to the steps 1, 2, 4, 10 and 21.
For the second exemplary implementation, the input values xm, yt and z are provided, where yt and z are Boolean masks and xm is a masked representation of the base value d to be kept secret. Thus, it holds that xm=d⊕yt⊕z. Then the following method steps are executed:
As a result, one obtains the two additive masks r1a and r2a. The masked representation xm of the base value d to be kept secret remains unchanged. Altogether, it holds that:
xm=d⊕(y⊕r)⊕(z⊕s)=d+r1a+r2a
By numerical simulation for all input values with a width of 4 bits, it was proven for the two implementations just described that they are resistant to second-order side channel attacks.
The correctness of the above first implementation can be illustrated as follows. According to the relation (A2) from the first embodiment example it holds that:
r1a=((x⊕s2⊕z1⊕z2)−(x⊕s1⊕s2⊕z1⊕z2))⊕((s1⊕z1)−z1)⊕((s1⊕z2)−z2)⊕a
With z2:=z and s1:=z⊕s=zs there first follows that:
r1a=((x⊕s2⊕z1⊕z)−(x⊕s⊕s2⊕z1))⊕((zs⊕z1)−z1)⊕(s−z)⊕a
Through the substitution z1:=y it further results that:
r1a=((x⊕s2⊕y⊕z)−(x⊕s⊕s2⊕y))⊕((zs⊕y)−y)⊕(s−z)⊕a
With s2:=y⊕s (so that x⊕s2=x⊕y⊕s) and a unchanged, it finally results that:
r1a=((x⊕s⊕z)−x)⊕((zs⊕y)−y)⊕(s−z)⊕a
However, this corresponds exactly to the value r1a calculated as the result of steps (2)-(14) of the first implementation, because it holds that:
The same holds for the value r2 according to the relation (C2):
r2=((x⊕z4⊕z5)−(x⊕s2⊕z4⊕z5))⊕((s2⊕z4)−z4)⊕((s2⊕z5)−z5)
With s2:=y⊕r=yr and z5:=y one obtains:
r2=((x⊕z4⊕y)−((x⊕yr)⊕y⊕z4))⊕((yr⊕z4)−z4)⊕(r−y)
Then, with z4:=s it finally results that:
However, this corresponds exactly to the value r2 which was calculated according to steps (20)-(28) of the first implementation as follows:
The method according to
Number | Date | Country | Kind |
---|---|---|---|
10 2017 002 153.8 | Mar 2017 | DE | national |
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/EP2018/000081 | 2/28/2018 | WO | 00 |
Publishing Document | Publishing Date | Country | Kind |
---|---|---|---|
WO2018/162115 | 9/13/2018 | WO | A |
Number | Name | Date | Kind |
---|---|---|---|
8553877 | Scian | Oct 2013 | B2 |
8707053 | Farrugia | Apr 2014 | B2 |
9425959 | Pedersen | Aug 2016 | B1 |
10333699 | Rohatgi | Jun 2019 | B1 |
20040139136 | Goubin | Jul 2004 | A1 |
20050147243 | Baek | Jul 2005 | A1 |
20050232430 | Gebotys | Oct 2005 | A1 |
20060159257 | Fischer | Jul 2006 | A1 |
20060200514 | Fischer | Sep 2006 | A1 |
20060282491 | Joye | Dec 2006 | A1 |
20070058800 | Neisse | Mar 2007 | A1 |
20070188355 | Baek | Aug 2007 | A1 |
20090016523 | Dupaquis | Jan 2009 | A1 |
20090086961 | Sauzet | Apr 2009 | A1 |
20090092245 | Fumaroli | Apr 2009 | A1 |
20090112896 | Golic | Apr 2009 | A1 |
20090116644 | Klimov | May 2009 | A1 |
20100235417 | Baek | Sep 2010 | A1 |
20110013767 | Kim | Jan 2011 | A1 |
20110044450 | Choi | Feb 2011 | A1 |
20110055591 | Rivain | Mar 2011 | A1 |
20110129084 | Fumaroli | Jun 2011 | A1 |
20110246787 | Farrugia | Oct 2011 | A1 |
20120047417 | Koike | Feb 2012 | A1 |
20120204038 | Farrugia | Aug 2012 | A1 |
20120250854 | Danger | Oct 2012 | A1 |
20130129081 | Guillet | May 2013 | A1 |
20130195266 | Fischer | Aug 2013 | A1 |
20130275545 | Baptist | Oct 2013 | A1 |
20130275776 | Baptist | Oct 2013 | A1 |
20140006017 | Sen | Jan 2014 | A1 |
20140169553 | Chen | Jun 2014 | A1 |
20140254792 | Gammel | Sep 2014 | A1 |
20140281573 | Jaffe | Sep 2014 | A1 |
20150110266 | Debraize | Apr 2015 | A1 |
20150172042 | Karroumi | Jun 2015 | A1 |
20150244524 | Pulkus | Aug 2015 | A1 |
20160364474 | Bay | Dec 2016 | A1 |
20170033921 | Michiels | Feb 2017 | A1 |
20170033923 | Melzani | Feb 2017 | A1 |
20170244552 | Thiebeauld De La Crouee | Aug 2017 | A1 |
20170272165 | Mansouri Rad | Sep 2017 | A1 |
20170373838 | Wurcker | Dec 2017 | A1 |
20180178578 | Tierney | Jun 2018 | A1 |
20180351729 | Tunstall | Dec 2018 | A1 |
20190050204 | Hutter | Feb 2019 | A1 |
Number | Date | Country |
---|---|---|
102016007189 | Dec 2017 | DE |
1596527 | Nov 2005 | EP |
1939822 | Jul 2008 | EP |
101586811 | Jan 2016 | KR |
WO-2006058561 | Jun 2006 | WO |
WO-2017152056 | Sep 2017 | WO |
Entry |
---|
Coron et al.,Secure Conversion between Boolean and Arithmetic Masking of Any Order, CHES 2014, LNCS 8731, pp. 188-205, 2014. |
Pulkus et al., Switching Blindings with a View Towards IDEA, CHES 2004, LNCS 3156, pp. 230-239, 2004. |
Hutter, M., Tunstall, M. Constant-time higher-order Boolean-to-arithmetic masking. J Cryptogr Eng 9, 173-184 (2019). https://doi.org/10.1007/s13389-018-0191-z. |
Coron JS., Großschädl J., Tibouchi M., Vadnala P.K. (2015) Conversion from Arithmetic to Boolean Masking with Logarithmic Complexity. FSE 2015. Lecture Notes in Computer Science, vol. 9054. Springer https://doi.org/10.1007/978-3-662-48116-5_7. |
Vadnala et al., “Algorithms for Switching between Boolean and Arithmetic Masking of Second Order,” Laboratory of Algorithms, Cryptology and Security, pp. 95-110, 2013. |
Coron et al., “Secure Conversion between Boolean and Arithmetic Masking of Any Order,” Laboratory of Algorithmics, Cryptology and Security, International Association for Cryptologic Research, pp. 188-205, 2014. |
Hutter et al., “Constant-Time Higher-Order Boolean-to-Arithmetic Masking,” Journal of Cryptographic Engineering, pp. 1-22, 2016. |
German Search Report for DE Application No. 102017002153.8, dated Nov. 20, 2017. |
International Search Report from PCT Application No. PCT/EP2018/000081, dated Jun. 18, 2018. |
“Information Technology Security Techniques—Evaluation Criteria for IT Security—Part 1: Introduction and General Model,” ISO/IEC 15408-1, Third Edition, pp. 1-74, Dec. 15, 2009. |
“Information Technology Security Techniques—Evaluation Criteria for IT Security—Part 2: Security Functional Components,” ISO/IEC 15408-2, Third Edition, pp. 1-240, Aug. 15, 2008. |
“Information Technology Security Techniques—Evaluation Criteria for IT Security—Part 3: Security Assurance Components,” ISO/IEC 15408-3, Third Edition, pp. 1-188, Aug. 15, 2008. |
L. Goubin, “A Sound Method for Switching Between Boolean and Arithmetic Masking,” Workshop on Cryptographic Hardware and Embedded Systems, vol. 2162 of the Lecture Notes in Computer Science, pp. 3-15, 2001. |
Blandine Debraize, “Efficient and Provably Secure Methods for Switching from Arithmetic to Boolean Masking,” Workshop on Cryptographic Hardware and Embedded Systems, vol. 7428 of the Lecture Notes in Computer Science, pp. 107-121, 2012. |
Number | Date | Country | |
---|---|---|---|
20200034573 A1 | Jan 2020 | US |