August 25-28, 2020 | Hyatt Regency Bethesda, Maryland, USA

Switching Blindings: Higher Order Side Channel Resistant Conversion of Boolean to Arithmetic Masking and Vice-Versa (G12b)

29 Apr 2020
14:30-15:00
Congressional/Old Georgetown Room

Switching Blindings: Higher Order Side Channel Resistant Conversion of Boolean to Arithmetic Masking and Vice-Versa (G12b)

Side channel attacks are a severe threat for implementations of cryptographic algorithms. As a countermeasure masking schemes are introduced to randomize the data that causes the leakage of the device. Depending on the algorithm different masking schemes such as Boolean or arithmetic masking are more suitable. But, for some algorithms especially for hash functions both masking schemes are necessary as well as a conversion between the different schemes. In 2018 Luk Bettale et al. presented a higher order side channel resistant conversion from Boolean to arithmetic masking. In this paper a different approach was chosen which needs less clock cycles and less randomness for the mask conversion. Furthermore, a first implementation for a second order resistant conversion from arithmetic to Boolean masking is given. This closes the gap to efficiently implement higher order side channel resistant implementations of hash functions or other cryptographic algorithms, where both directions of mask conversions are required.