Higher-Order Masked Saber
Published in | Security and Cryptography for Networks, pp. 93–116 |
---|---|
Main Authors | Suparna Kundu, Jan-Pieter D’Anvers, Michiel Van Beirendonck, Angshuman Karmakar, Ingrid Verbauwhede |
Format | Book Chapter |
Language | English |
Published | Cham: Springer International Publishing, 2022 |
Series | Lecture Notes in Computer Science |
Subjects | Higher-order masking; Key-encapsulation mechanism; Post-quantum cryptography; Saber |
Online Access | http://link.springer.com/10.1007/978-3-031-14791-3_5 |
ISBN | 9783031147906 3031147901 |
ISSN | 0302-9743 1611-3349 |
DOI | 10.1007/978-3-031-14791-3_5 |
Field | Value |
---|---|
Abstract | Side-channel attacks are formidable threats to the cryptosystems deployed in the real world. An effective and provably secure countermeasure against side-channel attacks is masking. In this work, we present a detailed study of higher-order masking techniques for the key-encapsulation mechanism Saber. Saber is one of the lattice-based finalist candidates in the National Institute of Standards and Technology’s post-quantum standardization procedure. We provide a detailed analysis of different masking algorithms proposed for Saber in the recent past and propose an optimized implementation of higher-order masked Saber. Our proposed techniques for first-, second-, and third-order masked Saber have performance overheads of 2.7x, 5x, and 7.7x respectively compared to the unmasked Saber. We show that compared to Kyber, which is another lattice-based finalist scheme, Saber’s performance degrades less with an increase in the order of masking. We also show that higher-order masked Saber needs fewer random bytes than higher-order masked Kyber. Additionally, we adapt our masked implementation to uSaber, a variant of Saber that was specifically designed to allow an efficient masked implementation. We present the first masked implementation of uSaber, showing that it indeed outperforms masked Saber by at least 12% for any order. We provide optimized implementations of all our proposed masking schemes on ARM Cortex-M4 microcontrollers. |
Authors | Suparna Kundu (ORCID 0000-0003-4354-852X); Jan-Pieter D’Anvers (ORCID 0000-0001-9675-7988); Michiel Van Beirendonck (ORCID 0000-0002-5131-8030); Angshuman Karmakar (ORCID 0000-0003-2594-588X); Ingrid Verbauwhede (ORCID 0000-0002-0879-076X) |
ContentType | Book Chapter |
Copyright | The Author(s), under exclusive license to Springer Nature Switzerland AG 2022 |
Discipline | Mathematics; Computer Science |
EISBN | 303114791X 9783031147913 |
EISSN | 1611-3349 |
Editors | Clemente Galdi (ORCID 0000-0002-2988-700X); Stanislaw Jarecki (ORCID 0000-0002-5055-2407) |
EndPage | 116 |
IsPeerReviewed | true |
IsScholarly | true |
PageCount | 24 |
PublicationSubtitle | 13th International Conference, SCN 2022, Amalfi (SA), Italy, September 12–14, 2022, Proceedings |
Related Persons | Gerhard Goos; Juris Hartmanis; Elisa Bertino; Wen Gao; Bernhard Steffen (ORCID 0000-0001-9619-1558); Moti Yung (ORCID 0000-0003-0848-0873) |
StartPage | 93 |
Subject Terms | Higher-order masking; Key-encapsulation mechanism; Post-quantum cryptography; Saber |
URI | http://link.springer.com/10.1007/978-3-031-14791-3_5 |