eLIMInate: a Leakage-focused ISE for Masked Implementation

Daniel Page; Hao Cheng; Weijia Wang

doi:10.46586/tches.v2024.i2.329-358

eLIMInate: a Leakage-focused ISE for Masked Implementation

Daniel Page, Hao Cheng, Weijia Wang

Research output: Contribution to journal › Article (Academic Journal) › peer-review

2 Citations (Scopus)

Abstract

Even given a state-of-the-art masking scheme, masked software implementation of some cryptography functionality can pose significant challenges stemming, e.g., from simultaneous requirements for efficiency and security. In this paper we design an Instruction Set Extension (ISE) to address a specific element of said challenge, namely the elimination of leakage stemming from architectural and microarchitectural overwriting. Conceptually, the ISE allows a leakage-focused behavioural hint to be communicated from software to the micro-architecture: using it informs how computation is realised when applied to masking-specific data, which then offers an opportunity to eliminate associated leakage. We develop prototype, latencyand area-optimised implementations of the ISE design based on the RISC-V Ibex core. Using them, we demonstrate that use of the ISE can close the gap between assumptions about and actual behaviour of a device and thereby deliver an improved security guarantee.

Original language	English
Pages (from-to)	329-358
Number of pages	30
Journal	IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)
Volume	2024
Issue number	2
DOIs	https://doi.org/10.46586/tches.v2024.i2.329-358
Publication status	Published - 12 Mar 2024

Bibliographical note

Publisher Copyright:
© 2024, Ruhr-University of Bochum. All rights reserved.

Keywords

side-channel attack, masking, RISC-V, ISE

Access to Document

10.46586/tches.v2024.i2.329-358Licence: CC BY

Handle.net

Persistent link

SCARV: A side-channel hardened RISC-V platform
Page, D. (Principal Investigator)
1/02/18 → 31/01/24
Project: Research

Cite this

@article{8bbc580527c447499dc540100b902f63,

title = "eLIMInate: a Leakage-focused ISE for Masked Implementation",

abstract = "Even given a state-of-the-art masking scheme, masked software implementation of some cryptography functionality can pose significant challenges stemming, e.g., from simultaneous requirements for efficiency and security. In this paper we design an Instruction Set Extension (ISE) to address a specific element of said challenge, namely the elimination of leakage stemming from architectural and microarchitectural overwriting. Conceptually, the ISE allows a leakage-focused behavioural hint to be communicated from software to the micro-architecture: using it informs how computation is realised when applied to masking-specific data, which then offers an opportunity to eliminate associated leakage. We develop prototype, latencyand area-optimised implementations of the ISE design based on the RISC-V Ibex core. Using them, we demonstrate that use of the ISE can close the gap between assumptions about and actual behaviour of a device and thereby deliver an improved security guarantee.",

keywords = "side-channel attack, masking, RISC-V, ISE",

author = "Daniel Page and Hao Cheng and Weijia Wang",

year = "2024",

month = mar,

day = "12",

doi = "10.46586/tches.v2024.i2.329-358",

language = "English",

volume = "2024",

pages = "329--358",

journal = "IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)",

issn = "2569-2925",

number = "2",

}

TY - JOUR

T1 - eLIMInate: a Leakage-focused ISE for Masked Implementation

AU - Page, Daniel

AU - Cheng, Hao

AU - Wang, Weijia

PY - 2024/3/12

Y1 - 2024/3/12

N2 - Even given a state-of-the-art masking scheme, masked software implementation of some cryptography functionality can pose significant challenges stemming, e.g., from simultaneous requirements for efficiency and security. In this paper we design an Instruction Set Extension (ISE) to address a specific element of said challenge, namely the elimination of leakage stemming from architectural and microarchitectural overwriting. Conceptually, the ISE allows a leakage-focused behavioural hint to be communicated from software to the micro-architecture: using it informs how computation is realised when applied to masking-specific data, which then offers an opportunity to eliminate associated leakage. We develop prototype, latencyand area-optimised implementations of the ISE design based on the RISC-V Ibex core. Using them, we demonstrate that use of the ISE can close the gap between assumptions about and actual behaviour of a device and thereby deliver an improved security guarantee.

AB - Even given a state-of-the-art masking scheme, masked software implementation of some cryptography functionality can pose significant challenges stemming, e.g., from simultaneous requirements for efficiency and security. In this paper we design an Instruction Set Extension (ISE) to address a specific element of said challenge, namely the elimination of leakage stemming from architectural and microarchitectural overwriting. Conceptually, the ISE allows a leakage-focused behavioural hint to be communicated from software to the micro-architecture: using it informs how computation is realised when applied to masking-specific data, which then offers an opportunity to eliminate associated leakage. We develop prototype, latencyand area-optimised implementations of the ISE design based on the RISC-V Ibex core. Using them, we demonstrate that use of the ISE can close the gap between assumptions about and actual behaviour of a device and thereby deliver an improved security guarantee.

KW - side-channel attack, masking, RISC-V, ISE

U2 - 10.46586/tches.v2024.i2.329-358

DO - 10.46586/tches.v2024.i2.329-358

M3 - Article (Academic Journal)

SN - 2569-2925

VL - 2024

SP - 329

EP - 358

JO - IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)

JF - IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)

IS - 2

ER -

eLIMInate: a Leakage-focused ISE for Masked Implementation

Abstract

Bibliographical note

Keywords

Access to Document

Handle.net

Fingerprint

Projects

SCARV: A side-channel hardened RISC-V platform

Cite this