Compiler assisted masking

Andrew D Moss, Elisabeth Oswald, Daniel Page, Mike Tunstall

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

58 Citations (Scopus)


Differential Power Analysis (DPA) attacks find a statistical
correlation between the power consumption of a cryptographic device
and intermediate values within the computation. Randomization via
(Boolean) masking of intermediate values breaks this statistical dependence
and thus prevents such attacks (at least up to a certain order). Especially
for software implementations, (first-order) masking schemes are
popular in academia and industry, albeit typically not as the sole countermeasure.
The current practice then is to manually ‘insert’ Boolean
masks: essentially software developers need to manipulate low-level assembly
language to implement masking. In this paper we make a first
step to automate this process, at least for first-order Boolean masking,
allowing the development of compilers capable of protecting programs
against DPA.
Original languageEnglish
Title of host publicationCryptographic Hardware and Embedded Systems - CHES
PublisherSpringer Berlin Heidelberg
ISBN (Print)9783642330261
Publication statusPublished - 2012


Dive into the research topics of 'Compiler assisted masking'. Together they form a unique fingerprint.

Cite this