A Masked Ring-LWE Implementation

Cited by: 37
Authors
Reparaz, Oscar [1]
Roy, Sujoy Sinha
Vercauteren, Frederik
Verbauwhede, Ingrid
Affiliations
[1] Katholieke Univ Leuven, Dept Elect Engn, ESAT COSIC, Kasteelpk Arenberg 10, B-3001 Leuven Heverlee, Belgium
Source
CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS - CHES 2015 | 2015 / Vol. 9293
Funding
UK Engineering and Physical Sciences Research Council (EPSRC); EU Horizon 2020;
Keywords
POWER ANALYSIS;
DOI
10.1007/978-3-662-48324-4_34
CLC classification
TP3 [Computing technology, computer technology];
Discipline classification
0812 ;
Abstract
Lattice-based cryptography has been proposed as a post-quantum public-key cryptosystem. In this paper, we present a masked ring-LWE decryption implementation resistant to first-order side-channel attacks. Our solution has the peculiarity that the entire computation is performed in the masked domain. This is achieved thanks to a new, bespoke masked decoder implementation. The output of the ring-LWE decryption consists of Boolean shares suitable for derivation of a symmetric key. We have implemented a hardware architecture of the masked ring-LWE processor on a Virtex-II FPGA, and have performed side-channel analysis to confirm the soundness of our approach. The area of the protected architecture is around 2000 LUTs, a 20% increase with respect to the unprotected architecture. The protected implementation takes 7478 cycles to compute, which is only a factor of 2.6 larger than the unprotected implementation.
Pages: 683 / 702
Page count: 20