Masking has been recognized as a sound and secure countermeasure for cryptographic implementations, protecting against physical side-channel attacks. Even though many different masking schemes have presented over time, design implementation of protected Integrated Circuits (ICs) remains challenging task. More specifically, correct efficient usually requires manual interactions accompanied by longstanding experience in hardware security. To this end, masked often proves to be an error-prone...

Fault Injection Analysis is seen as a powerful attack against implementations of cryptographic algorithms. Over the last two decades, researchers proposed plethora countermeasures to secure such implementations. However, design process and implementation are still error-prone, complex, manual tasks which require long-standing experience in hardware physical security. Moreover, validation claimed security often only done by empirical testing very late stage process. To prevent strategies,...

Fault injection attacks are considered as powerful techniques to successfully attack embedded cryptographic implementations since various fault mechanisms from simple clock glitches more advanced like laser can lead devastating attacks. Given these critical vectors, researchers came up with a long list of dedicated countermeasures thwart such However, the security validation proposed is mostly performed on custom adversary models that often not tightly coupled actual physical behavior...

Reconfigurability is a unique feature of modern FPGA devices to load hardware circuits just on demand. This also implies that completely different set might operate at the exact same location time slots, making it difficult for an external observer or attacker predict what will happen time. In this work we present and evaluate novel implementation lightweight cipher PRESENT with built-in side-channel countermeasures based dynamic logic reconfiguration. our design make use Configurable...

During the past two decades there has been a great deal of research published on masked hardware implementations AES and other cryptographic primitives. Unfortunately, many masking techniques can lead to increased latency compared unprotected circuits for algorithms such as AES, due high-degree nonlinear functions in their designs. In this paper, we present technique which does not increase algorithms. It is based LUT-based Masked Dual-Rail with Pre-charge Logic (LMDPL) presented at CHES...

For security-critical embedded applications Elliptic Curve Cryptography (ECC) has become the predominant cryptographic system for efficient key agreement and digital signatures. However, ECC still involves complex modular arithmetic that is a particular burden small processors. In this context, Bernstein proposed highly instance Curve25519 particularly enables software implementations at security level comparable to AES-128 with inherent resistance simple power analysis (SPA) timing attacks....

We present the family of authenticated encryption schemes SKINNY-AEAD and hashing SKINNY-Hash. All employ a member SKINNY tweakable block ciphers, which was presented at CRYPTO 2016, as underlying primitive. In particular, for encryption, we show how to instantiate members in Deoxys-I-like ΘCB3 framework fulfill submission requirements NIST lightweight cryptography standardization process. For hashing, use build function with larger internal state it sponge construction. To highlight...

Observation and manipulation of physical characteristics are well-known powerful threats to cryptographic devices. While countermeasures against passive side-channel active fault-injection attacks well understood individually, combined attacks, i.e., the combination fault injection analysis, is a mostly unexplored area. Naturally, complexity analysis secure construction increases with sophistication adversary, making scenario especially challenging. To tackle complexity, community has...

Physical attacks are well-known threats to cryptographic implementations. While countermeasures against passive Side-Channel Analysis (SCA) and active Fault Injection (FIA) exist individually, protecting their combination remains a significant challenge. A recent attempt at achieving joint security has been published CCS 2022 under the name CINI-MINIS. The authors introduce relevant notions aim construct arbitrary-order gadgets that remain trivially composable in presence of combined...

Physical attacks, including passive Side-Channel Analysis and active Fault Injection Analysis, are considered among the most powerful threats against physical cryptographic implementations. These attacks well known research provides many specialized countermeasures to protect implementations them. Still, only a limited number of combined countermeasures, i.e., that multiple simultaneously, were proposed in past. Due increasing complexity reciprocal effects, design efficient reliable requires...

Side-Channel Analysis (SCA) is a major threat to implementations of mathematically secure cryptographic algorithms. Applying masking countermeasures hardware-based both time-consuming and error-prone due side-effects buried deeply in the hardware design process. As consequence, we propose our novel framework Easi-Mask this work. Our semi-automated enables designers that have little experience with implementation or physical security application create securely masked from an abstract...

With RFC 7748 the two elliptic curves Curve25519 and Curve448 were proposed for next generation of TLS. Both designed optimized purely software implementation; their implementation in hardware or physical protection against side-channel attacks not considered design phase. Recently, it has been shown that an efficient implementations along with is feasible -- yet results high-security are missing. In this work we demonstrate can indeed be efficiently securely implemented hardware. We present...