Fault-Assisted Side-Channel Analysis of Masked Implementations

Masking is a side-channel countermeasure technique that uses random masks to split sensitive cryptographic variables into multiple shares. The side-channel leakage from individual shares does not reveal the sensitive variable because the random masks are secret. We propose a methodology to identify the generation and integration of random masks in cryptographic software by means of side-channel analysis. We then disable the randomizing effect of masking by targeted fault injection, and we break the masking countermeasure using first-order side-channel analysis. This attack is practically demonstrated on a RISC-V core for two different masked AES software implementations. We achieve full key recovery using 300 traces and 230 traces for a byte-level masked AES and a bit-sliced masked AES implementation respectively. The proposed attack methodology is independent of the cryptographic kernel. It targets the transfer of random masks into the masked cryptographic algorithm. This paper highlights the vulnerability of random number generation in masked implementations.