Lightweight Conversion from Arithmetic to Boolean Masking for Embedded IoT Processor
- Authors
- Kim, Hanbit; Hong, Seokhie; Kim, HeeSeok
- Issue Date
- 1-Apr-2019
- Publisher
- MDPI
- Keywords
- ARX block ciphers; Arithmetic to Boolean masking; side-channel attacks
- Citation
- APPLIED SCIENCES-BASEL, v.9, no.7
- Indexed
- SCIE; SCOPUS
- Journal Title
- APPLIED SCIENCES-BASEL
- Volume
- 9
- Number
- 7
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/66085
- DOI
- 10.3390/app9071438
- ISSN
- 2076-3417
- Abstract
- A masking method is a widely known countermeasure against side-channel attacks. To apply a masking method to cryptosystems consisting of Boolean and arithmetic operations, such as ARX (Addition, Rotation, XOR) block ciphers, a masking conversion algorithm should be used. Masking conversion algorithms can be classified into two categories: Boolean to Arithmetic (B2A) and Arithmetic to Boolean (A2B). The A2B algorithm generally requires more execution time than the B2A algorithm. Using pre-computation tables, the A2B algorithm substantially reduces its execution time, although it requires additional space in RAM. At CHES 2012, B. Debraize proposed a conversion algorithm that somewhat reduced the memory cost of using pre-computation tables. However, it still requires $2^{k+1}$ entries of length $(k+1)$ bits, where $k$ denotes the size of the processed data. In this paper, we propose a low-memory algorithm to convert A2B masking that requires only $2^{k}$ entries of $k$ bits. Our contributions are three-fold. First, we specifically show how to reduce the pre-computation table entries from $(k+1)$ bits to $k$ bits; as a result, the memory use for the pre-computation table is reduced from $2^{k+1} \cdot (k+1)$ bits to $2^{k} \cdot k$ bits. Second, we optimize the execution times of the pre-computation phase and the conversion phase, and determine that our pre-computation algorithm requires approximately half the operations of Debraize's algorithm. The results of the 8/16/32-bit simulation show improved speed in the pre-computation phase and the conversion phase as compared to Debraize's results. Finally, we verify the security of the algorithm against side-channel attacks as well as the soundness of the proposed algorithm.
- Appears in Collections
- School of Cyber Security > Department of Information Security > 1. Journal Articles
- Graduate School > Department of Cyber Security > 1. Journal Articles