Side-Channel Attack (SCA), toggle count, masking, simulation-based analysis
Masking is one of the most commonly used Side-Channel Attack (SCA) countermeasures and is built on a security framework, such as the ISW framework, and ensures theoretical security through secret sharing. Unfortunately, the theoretical security cannot guarantee practical security, because several possible weaknesses may exist in the actual implementation. These weaknesses likely come from the masking schemes or are introduced by the implementation methods. Finding the possible weakness of the masking scheme is an interesting and important issue for real applications. In this paper, the possible weaknesses for masking schemes in Field-Programmable Gate Array (FPGA) design are discussed. It was found that the combinational circuit is the key to the security of masking schemes. The Toggle Count (TC) method and its extension are utilized to evaluate the security of masking schemes in the design phase and the implementation phase separately. Comparing different logic-level simulators for the Xilinx FPGA platform, the behavioral and post-translate simulations are considered as the analysis method in the design phase, while the post-map and the post-route simulations are used to find the weakness during the implementation phase. Moreover, a Standard Delay Format (SDF) based improvement scheme is proposed to significantly increase the effectiveness of the TC model.
Tsinghua University Press
Ming Tang, Yuguang Li, Yanbin Li et al. A Generic TC-Based Method to Find the Weakness in Different Phases of Masking Schemes. Tsinghua Science and Technology 2018, 23(5): 574-585.