Paper 2023/724
Not so Difficult in the End: Breaking the Lookup Table-based Affine Masking Scheme
, Radboud University Nijmegen, Radboud University NijmegenAbstract
The lookup table-based masking countermeasure is prevalent in real-world applications due to its potent resistance against side-channel attacks and low computational cost. The ASCADv2 dataset, for instance, ranks among the most secure publicly available datasets today due to two layers of countermeasures: lookup table-based affine masking and shuffling. Current attack approaches rely on strong assumptions. In addition to requiring access to the source code, an adversary would also need prior knowledge of random shares. This paper forgoes reliance on such knowledge and proposes two attack approaches based on the vulnerabilities of the lookup table-based affine masking implementation. As a result, the first attack can retrieve all secret keys' reliance in less than a minute without knowing mask shares. Although the second attack is not entirely successful in recovering all keys, we believe more traces would help make such an attack fully functional.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Published elsewhere. Minor revision. Selected Areas in Cryptography (SAC)
- Keywords
- Side-channel analysisSide-channel collision attackCorrelation
- Contact author(s)
-
lichao wu9 @ gmail com
guilhermeperin7 @ gmail com
picek stjepan @ gmail com - History
- 2023-09-27: revised
- 2023-05-19: received
- See all versions
- Short URL
- https://ia.cr/2023/724
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/724,
author = {Lichao Wu and Guilherme Perin and Stjepan Picek},
title = {Not so Difficult in the End: Breaking the Lookup Table-based Affine Masking Scheme},
howpublished = {Cryptology ePrint Archive, Paper 2023/724},
year = {2023},
note = {\url{https://eprint.iacr.org/2023/724}},
url = {https://eprint.iacr.org/2023/724}
}
