Orthogonal Direct Sum Masking - Information Security Theory and Practice: Securing the Internet of Things Access content directly
Conference Papers Year : 2014

Orthogonal Direct Sum Masking


Secure elements, such as smartcards or trusted platform modules (TPMs), must be protected against implementation-level attacks. Those include side-channel and fault injection attacks. We introduce ODSM, Orthogonal Direct Sum Masking, a new computation paradigm that achieves protection against those two kinds of attacks. A large vector space is structured as two supplementary orthogonal subspaces. One subspace (called a code $\mathcal{C}$) is used for the functional computation, while the second subspace carries random numbers. As the random numbers are entangled with the sensitive data, ODSM ensures a protection against (monovariate) side-channel attacks. The random numbers can be checked either occasionally, or globally, thereby ensuring a detection capability. The security level can be formally detailed: it is proved that monovariate side-channel attacks of order up to $d_\mathcal{C}-1$, where $d_\mathcal{C}$ is the minimal distance of $\mathcal{C}$, are impossible, and that any fault of Hamming weight strictly less than $d_\mathcal{C}$ is detected. A complete instantiation of ODSM is given for AES. In this case, all monovariate side-channel attacks of order strictly less than 5 are impossible, and all fault injections perturbing strictly less than 5 bits are detected.
Fichier principal
Vignette du fichier
978-3-662-43826-8_4_Chapter.pdf (466.17 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01400919 , version 1 (22-11-2016)





Julien Bringer, Claude Carlet, Hervé Chabanne, Sylvain Guilley, Houssem Maghrebi. Orthogonal Direct Sum Masking. 8th IFIP International Workshop on Information Security Theory and Practice (WISTP), Jun 2014, Heraklion, Crete, Greece. pp.40-56, ⟨10.1007/978-3-662-43826-8_4⟩. ⟨hal-01400919⟩
290 View
340 Download



Gmail Facebook X LinkedIn More