Advertisement

New Instantiations of the CRYPTO 2017 Masking Schemes

  • Pierre KarpmanEmail author
  • Daniel S. RocheEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11273)

Abstract

At CRYPTO 2017, Belaïd et al. presented two new private multiplication algorithms over finite fields, to be used in secure masking schemes. To date, these algorithms have the lowest known complexity in terms of bilinear multiplication and random masks respectively, both being linear in the number of shares \(d+1\). Yet, a practical drawback of both algorithms is that their safe instantiation relies on finding matrices satisfying certain conditions. In their work, Belaïd et al. only address these up to \(d=2\) and 3 for the first and second algorithm respectively, limiting so far the practical usefulness of their constructions.

In this paper, we use in turn an algebraic, heuristic, and experimental approach to find many more safe instances of Belaïd et al.’s algorithms. This results in explicit instantiations up to order \(d = 6\) over large fields, and up to \(d = 4\) over practically relevant fields such as \(\mathbb {F}_{2^8}\).

Keywords

Masking Linear algebra MDS matrices 

Notes

Acknowledgements

We thank Daniel Augot for the interesting discussions we had in the early stages of this work.

This work was performed while the second author was graciously hosted by the Laboratoire Jean Kuntzmann at the Université Grenoble Alpes.

The first author was supported in part by the French National Research Agency through the framework of the “Investissements d’avenir” program (ANR-15-IDEX-02).

The second author was supported in part by the National Science Foundation under grants #1319994 and #1618269, and in part by the Office of Naval Research award #N0001417WX01516.

Some of the computations were performed using the Grace supercomputer hosted by the U.S. Naval Academy Center for High Performance Computing, with funding from the DoD HPC Modernization Program.

References

  1. [Alb13]
    Albrecht, M.: The M4RIE library, The M4RIE Team (2013)Google Scholar
  2. [BBD+16]
    Barthe, G., et al.: Strong non-interference and type-directed higher-order masking. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 116–129. ACM (2016)Google Scholar
  3. [BBP+16]
    Belaïd, S., Benhamouda, F., Passelègue, A., Prouff, E., Thillard, A., Vergnaud, D.: Randomness complexity of private circuits for multiplication. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 616–648. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49896-5_22CrossRefGoogle Scholar
  4. [BBP+17]
    Belaïd, S., Benhamouda, F., Passelègue, A., Prouff, E., Thillard, A., Vergnaud, D.: Private multiplication over finite fields. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 397–426. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63697-9_14CrossRefGoogle Scholar
  5. [CJRR99]
    Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks, in Wiener [Wie99], pp. 398–412CrossRefGoogle Scholar
  6. [CPRR16]
    Carlet, C., Prouff, E., Rivain, M., Roche, T.: Algebraic Decomposition for Probing Security. IACR Cryptology ePrint Archive 2016, 321 (2016)Google Scholar
  7. [GP99]
    Goubin, L., Patarin, J.: DES and differential power analysis the “Duplication” method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48059-5_15CrossRefzbMATHGoogle Scholar
  8. [ISW03]
    Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-45146-4_27CrossRefGoogle Scholar
  9. [KJJ99]
    Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis, in Wiener [Wie99], pp. 388–397CrossRefGoogle Scholar
  10. [KR18]
    Karpman, P., Roche, D.S.: New Instantiations of the CRYPTO 2017 Masking Schemes. IACR Cryptology ePrint Archive 2018, 492 (2018)Google Scholar
  11. [MS06]
    MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes, 12th edn. North-Holland Mathematical Library, North-Holland (2006)zbMATHGoogle Scholar
  12. [RS85]
    Roth, R.M., Seroussi, G.: On generator matrices of MDS codes. IEEE Trans. Inf. Theor. 31(6), 826–830 (1985)MathSciNetCrossRefGoogle Scholar
  13. [Sag16]
    The Sage Developers: Sagemath, the Sage Mathematics Software System (Version 7.4) (2016)Google Scholar
  14. [Sch80]
    Schwartz, J.T.: Fast probabilistic algorithms for verification of polynomial identities. J. ACM 27(4), 701–717 (1980)MathSciNetCrossRefGoogle Scholar
  15. [Wie99]
    Wiener, Michael (ed.): CRYPTO 1999. LNCS, vol. 1666. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1CrossRefzbMATHGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  1. 1.Univ. Grenoble Alpes, CNRSGrenobleFrance
  2. 2.INP, Institute of Engineering Univ. Grenoble Alpes, LJKGrenobleFrance
  3. 3.United States Naval AcademyAnnapolisUSA

Personalised recommendations