A Tale of Resilience: On the Practical Security of Masked Software Implementations

Masking constitutes a provably-secure approach against side-channel attacks. However, recombination effects (e.g., transitions) severely reduce the proven security. Concerning the software domain, CPU microarchitectures encompass techniques improving the execution performances. Several studies show that such techniques induce recombination effects. Furthermore, these techniques implicitly induce some form of parallelism, and the potential associated threat has never been investigated. In addition, the practical security of masking relies on the chosen masking scheme. Few works analysed the security of software protected by different masking schemes, and none considered the parallelism threat. Thus, literature lacks of a more comprehensive investigation on the practical security of software implementations relying on various masking schemes in presence of micro-architecture-induced recombination effects and parallelism. This work performs a first step to fill this gap. Specifically, we evaluate the practical security offered by first-order Boolean, arithmetic-sum and inner-product masking against transitions and parallelism in software. We firstly assess the presence of transition and parallel-based leakages in software. Secondly, we evaluate the security of the encodings of the selected masking schemes with respect to each leakage source via micro-benchmarks. Thirdly, we assess the practical security of different AES-128 software implementations, one for each selected masking scheme. We carry out the investigation on the STM32F215 and STM32F303 micro-controllers. We show that 1) CPU's parallel features allow successful attacks against masked implementations resistant to transition-based leakages; 2) implementation choices (e.g., finite field multiplication) impact on the practical security of masked software implementations in presence of recombination effects.