Shuffle and Mix: On the Diffusion of Randomness in TI of Keccak
COSADE 2019, Darmstadt
Felix Wegener, Christian Baiker, Amir Moradi. Ruhr University Bochum, Horst Görtz Institute for IT-Security, Germany
Shuffle and Mix | COSADE 2019 | Darmstadt
Motivation
[Figure: a MAC device with key 𝐾 takes 𝑚𝑠𝑔 and outputs 𝑚𝑎𝑐 = 𝐻(𝐾||𝑚𝑠𝑔); while computing it emits leakage 𝑙(𝑚𝑠𝑔, 𝐾)]
Countermeasures:
• Masking: make intermediate values independent of the secret
• Hiding: lower the SNR
Masking

Boolean Masking
• Core idea: the secret 𝑥 is split into multiple shares X = (𝑎, 𝑏, 𝑐) with 𝑥 = 𝑎 ⊕ 𝑏 ⊕ 𝑐
• Problem: how to compute a function 𝑓 on shared values?
• In hardware: even more difficult due to glitches
Solution: Threshold Implementations
Threshold Implementations
Three properties for first-order secure computations:
• Correctness: (𝐴, 𝐵, 𝐶) = 𝐹(𝑎, 𝑏, 𝑐) with 𝑓(𝑥) = 𝐴 ⊕ 𝐵 ⊕ 𝐶
• Non-completeness: [Figure: component functions 𝐹_𝐴, 𝐹_𝐵, 𝐹_𝐶 map the input shares 𝑎, 𝑏, 𝑐 to the output shares 𝐴, 𝐵, 𝐶; each component function leaves out at least one input share]
• Uniformity: [Figure: for every 𝑥, the #masks (sharings) of 𝑥 are mapped by 𝐹 onto the #masks of 𝑓(𝑥) equally often]
Nikova, Rechberger, Rijmen. Threshold Implementations Against Side-Channel Attacks and Glitches, ICICS 2006
Why Uniformity?
• Locally: Theorem: if 𝐹 is correct and non-complete and its input is masked uniformly, then the evaluation is first-order secure. Uniform output is not needed.
• Globally: iterated round function [Figure: 𝐹 → 𝐹 → … , the output sharing of one round is the input sharing of the next]. Uniform output is needed.
Keccak
• Sponge-based hash function
• SHA-3 in 2015
Keccak-f[b]:
• 𝑏 = 25 ⋅ 2^𝑙, 𝑙 = 0, …, 6
• 𝑛_𝑟 = 12 + 2𝑙
• 𝑅 = 𝜄 ∘ 𝜒 ∘ 𝜋 ∘ 𝜌 ∘ 𝜃
Here: Keccak-f[200], 18 rounds
Bertoni et al. Cryptographic Sponge Functions. Keccak.team
How to mask Keccak-f?

Linear Layer: 𝜃, 𝜌, 𝜋, 𝜄
Use linearity: 𝐿(𝑥1 ⊕ 𝑥2 ⊕ 𝑥3) = 𝐿(𝑥1) ⊕ 𝐿(𝑥2) ⊕ 𝐿(𝑥3)
Replication without modification: apply 𝐿 to each share on its own
Non-linear Layer: 𝜒
One coordinate function: 𝑦0 = 𝑥0 ⊕ [(1 ⊕ 𝑥1) ∧ 𝑥2] = 𝑥0 ⊕ (𝑥1 ∧ 𝑥2) ⊕ 𝑥2

Direct sharing of 𝜒 (Bertoni, Daemen, Peeters, Van Assche: Keccak. EUROCRYPT 2013):
𝐴_𝑖 = 𝑏_𝑖 ⊕ (𝑏_{𝑖+1} ∧ 𝑏_{𝑖+2}) ⊕ (𝑏_{𝑖+1} ∧ 𝑐_{𝑖+2}) ⊕ (𝑐_{𝑖+1} ∧ 𝑏_{𝑖+2}) ⊕ 𝑏_{𝑖+2}
𝐵_𝑖 = 𝑐_𝑖 ⊕ (𝑐_{𝑖+1} ∧ 𝑐_{𝑖+2}) ⊕ (𝑐_{𝑖+1} ∧ 𝑎_{𝑖+2}) ⊕ (𝑎_{𝑖+1} ∧ 𝑐_{𝑖+2}) ⊕ 𝑐_{𝑖+2}
𝐶_𝑖 = 𝑎_𝑖 ⊕ (𝑎_{𝑖+1} ∧ 𝑎_{𝑖+2}) ⊕ (𝑎_{𝑖+1} ∧ 𝑏_{𝑖+2}) ⊕ (𝑏_{𝑖+1} ∧ 𝑎_{𝑖+2}) ⊕ 𝑎_{𝑖+2}
Non-complete ✔
NOT uniform ✖, but partially uniform. For the shared S-box 𝜒′: (𝑎, 𝑏, 𝑐) → (𝐴, 𝐵, 𝐶):
• 1 single bit: uniform
• 2 bits: jointly uniform
• 3 bits: jointly uniform
• 4 bits: not jointly uniform
• 2 out of 5 bits not jointly uniform*
*Bilgin et al. Efficient and First-Order DPA Resistant Implementations of Keccak, CARDIS 2013
Fixing Non-Uniformity
• Refresh with 4 bits of fresh randomness* [Figure: 𝜒′ with fresh random bits 𝑟0, 𝑟1]
• Use 4 shares* [Figure: 𝜒′′ with input shares 𝑎, 𝑏, 𝑐, 𝑑 and output shares 𝐴, 𝐵, 𝐶, 𝐷]
• Changing of the Guards** [Figure: several 𝜒′ instances]
*Bilgin et al. Efficient and First-Order DPA Resistant Implementations of Keccak, CARDIS 2013
**Daemen. Changing of the Guards: A Simple and Efficient Method for Achieving Uniformity in Threshold Sharings. CHES 2017
This work: don't fix it. Consequences?
Hardware Target

Hardware Architecture
How many parallel S-boxes?
[Figure: the 𝜒′ instances of the three options: serialized (1 × 𝜒′), round-based (40 × 𝜒′), slice-based (5 × 𝜒′)]
• Slice-serial: 5 parallel 𝜒 evaluations
• Special treatment: 𝜃 applied to slice 0
Bilgin et al. Efficient and First-Order DPA Resistant Implementations of Keccak, CARDIS 2013
Leakage Evaluation

SCA Measurements
Evaluation methodology:
– Non-specific t-test "fixed vs. random"
  • over the entire 200-bit state
  • with 100 million traces
– Each trace: entire last round
Measurement setup:
– SAKURA-G board @ 1.5 MHz
– PicoScope 6402 @ 625 MS/s
– Amplifier: ZFL-100LN+ (Mini-Circuits)
Schneider, Moradi. Leakage Assessment Methodology - a clear roadmap for side-channel evaluations, CHES 2015
18 Rounds of Keccak
[Figure: t-test results, 1st, 2nd and 3rd order over time; 1st order over the number of traces]
Works fine. More rounds?

1800 Rounds of Keccak
[Figure: t-test results, 1st, 2nd and 3rd order over time; 1st order over the number of traces]
Origin of entropy?
Source of Diffusion: Linear Layer
[Figure: rounds of 𝜒′ instances interleaved with the linear layer 𝐿]

Experiment: Remove Linear Layer
[Figure: rounds of 𝜒′ instances with no linear layer between them]
Simulation Part I
• Compute one instance of 𝜒′ on all 2^15 inputs
• Feed the outputs back into it
• Stop when a plateau is reached
Result: [Figure]
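The TI properties claimed for the direct sharing of 𝜒 (correct, non-complete, not uniform, yet 1 to 3 adjacent bits jointly uniform) and Simulation Part I (run one 𝜒′ instance on all 2^15 shared rows, feed the outputs back, stop at the plateau) can both be reproduced with the script below. It is an added example written for this page, not code from the talk or its authors: the sharing formulas are the ones on the slides, while the choice of bit windows (adjacent bits 0..k−1), the packed 15-bit state encoding and the plateau rule (entropy unchanged over two successive rounds) are this example's own assumptions.

```python
from collections import Counter
from itertools import product
import math

ROW = 5                       # chi works on 5-bit rows of the Keccak state
MASK = (1 << ROW) - 1

def rot(v, n):
    """Bit i of the result is bit (i + n) mod 5 of v."""
    return ((v >> n) | (v << (ROW - n))) & MASK

def chi(x):
    """Unshared chi: y_i = x_i ^ (~x_{i+1} & x_{i+2}) = x_i ^ (x_{i+1} & x_{i+2}) ^ x_{i+2}."""
    return (x ^ (~rot(x, 1) & rot(x, 2))) & MASK

def chi_shared(a, b, c):
    """Direct 3-share TI of chi from the slides, bit-sliced over the whole row.
    A never reads share a, B never reads b, C never reads c (non-completeness)."""
    a1, a2, b1, b2, c1, c2 = rot(a, 1), rot(a, 2), rot(b, 1), rot(b, 2), rot(c, 1), rot(c, 2)
    A = b ^ (b1 & b2) ^ (b1 & c2) ^ (c1 & b2) ^ b2
    B = c ^ (c1 & c2) ^ (c1 & a2) ^ (a1 & c2) ^ c2
    C = a ^ (a1 & a2) ^ (a1 & b2) ^ (b1 & a2) ^ a2
    return A, B, C

def is_correct():
    """Correctness: the output shares recombine to chi of the recombined input."""
    for a, b, c in product(range(32), repeat=3):
        A, B, C = chi_shared(a, b, c)
        if A ^ B ^ C != chi(a ^ b ^ c):
            return False
    return True

def is_non_complete():
    """Non-completeness: zeroing the share an output must not depend on changes nothing."""
    for a, b, c in product(range(32), repeat=3):
        A, B, C = chi_shared(a, b, c)
        if A != chi_shared(0, b, c)[0] or B != chi_shared(a, 0, c)[1] or C != chi_shared(a, b, 0)[2]:
            return False
    return True

def jointly_uniform(bits):
    """Uniformity restricted to the output positions in `bits`.  For every unshared x the
    2^10 sharings (b, c) of x must hit each of the 4^k valid (A, B) sharings of chi(x)|bits
    equally often; C is fixed by A, B and chi(x), so it carries no extra information."""
    k = len(bits)
    for x in range(32):
        hits = Counter()
        for b, c in product(range(32), repeat=2):
            A, B, _ = chi_shared(x ^ b ^ c, b, c)
            hits[tuple(((A >> i) & 1, (B >> i) & 1) for i in bits)] += 1
        if len(hits) != 4 ** k or len(set(hits.values())) != 1:
            return False
    return True

def uniformity_by_window():
    """Joint uniformity of the first k = 1..5 adjacent output bits of one row (assumed windows)."""
    return {k: jointly_uniform(range(k)) for k in range(1, 6)}

def entropy_plateau(max_rounds=64):
    """Simulation Part I: start from every 15-bit shared row once (15 bits of entropy),
    feed the output of chi' back into it with no linear layer in between, and record the
    Shannon entropy of the state distribution until two successive rounds leave it unchanged."""
    table = [0] * (1 << 15)                       # chi' as a lookup table on packed (a, b, c)
    for a, b, c in product(range(32), repeat=3):
        A, B, C = chi_shared(a, b, c)
        table[(a << 10) | (b << 5) | c] = (A << 10) | (B << 5) | C
    total = 1 << 15
    dist = Counter(range(total))                  # uniform start: each shared row once
    entropies = []
    while len(entropies) < max_rounds:
        entropies.append(-sum(n / total * math.log2(n / total) for n in dist.values()))
        if len(entropies) >= 3 and math.isclose(entropies[-1], entropies[-3], abs_tol=1e-9):
            break
        nxt = Counter()
        for state, n in dist.items():
            nxt[table[state]] += n
        dist = nxt
    return entropies
```

`uniformity_by_window()` reports True for windows of 1, 2 and 3 bits and False for the full 5-bit row; a uniform sharing of a bijective S-box would have to be a bijection on the 15 shared bits, so the non-uniformity shows up in `entropy_plateau()` as an entropy drop right after the first round. The entropy cannot fall below 5 bits, because the recombined value stays a uniformly distributed 5-bit row no matter how the shares collapse.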
18 Rounds of 𝜒′
[Figure: t-test results, 1st, 2nd and 3rd order over time; 1st order over the number of traces]
How much diffusion is needed?
Linear Layer: Shuffling and Mixing
• 𝜃: mixing
• 𝜌, 𝜋: shuffling
• 𝜄: round constant
Bertoni et al. The Keccak Reference
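The following Python example, added for this page and not taken from the talk or the Keccak team, makes the shuffle/mix split and the earlier "replication without modification" rule for the linear layer concrete for Keccak-f[200]. It implements 𝜃, 𝜌, 𝜋 and 𝜄 on 8-bit lanes, checks that applying the linear maps share by share (with the round constant added to exactly one share) equals the unshared linear part of the round, and then classifies the maps: 𝜌∘𝜋 only permutes bit positions, whereas 𝜃 lets a single flipped bit reach 11 state bits. The lane indexing x + 5y and the function names are this example's conventions.

```python
import random

W = 8                          # lane width of Keccak-f[200] (b = 25 * 2^3)
LMASK = (1 << W) - 1
NROUNDS = 18
# rho rotation offsets, indexed RHO[x][y]; reduced mod W for 8-bit lanes.
RHO = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
       [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]
# iota constants for Keccak-f[200]: low byte of the 64-bit round constants RC[0..17].
RC = [0x01, 0x82, 0x8A, 0x00, 0x8B, 0x01, 0x81, 0x09, 0x8A,
      0x88, 0x09, 0x0A, 0x8B, 0x8B, 0x89, 0x03, 0x02, 0x80]

# A state is a list of 25 lanes (ints below 2^W); lane (x, y) sits at index x + 5*y.

def rol(lane, n):
    n %= W
    return ((lane << n) | (lane >> (W - n))) & LMASK

def theta(s):
    """Mixing: every bit absorbs the parities of two neighbouring columns."""
    C = [s[x] ^ s[x + 5] ^ s[x + 10] ^ s[x + 15] ^ s[x + 20] for x in range(5)]
    D = [C[(x - 1) % 5] ^ rol(C[(x + 1) % 5], 1) for x in range(5)]
    return [s[i] ^ D[i % 5] for i in range(25)]

def rho_pi(s):
    """Shuffling: rho rotates lane (x, y) by RHO[x][y], pi moves it to (y, 2x + 3y)."""
    out = [0] * 25
    for x in range(5):
        for y in range(5):
            out[y + 5 * ((2 * x + 3 * y) % 5)] = rol(s[x + 5 * y], RHO[x][y])
    return out

def iota(s, rnd):
    """Round constant into lane (0, 0): affine, not linear."""
    out = list(s)
    out[0] ^= RC[rnd]
    return out

def linear_part(s, rnd):
    """The round without chi: iota . pi . rho . theta on an unshared state."""
    return iota(rho_pi(theta(s)), rnd)

def shared_linear_part(shares, rnd):
    """Replication without modification: run the linear maps on every share.
    The iota constant goes into exactly one share; adding it to all three would cancel."""
    out = [rho_pi(theta(sh)) for sh in shares]
    out[0] = iota(out[0], rnd)
    return out

def unshare(shares):
    return [a ^ b ^ c for a, b, c in zip(*shares)]

def random_sharing(s, rng):
    b = [rng.randrange(1 << W) for _ in range(25)]
    c = [rng.randrange(1 << W) for _ in range(25)]
    return [[si ^ bi ^ ci for si, bi, ci in zip(s, b, c)], b, c]

def replication_holds(trials=200, seed=2019):
    """Share-wise linear layer == unshared linear layer, on random states and round indices."""
    rng = random.Random(seed)
    for _ in range(trials):
        s = [rng.randrange(1 << W) for _ in range(25)]
        rnd = rng.randrange(NROUNDS)
        if unshare(shared_linear_part(random_sharing(s, rng), rnd)) != linear_part(s, rnd):
            return False
    return True

def unit_states():
    """The 200 states with a single set bit."""
    for i in range(25):
        for z in range(W):
            s = [0] * 25
            s[i] = 1 << z
            yield s

def weight(s):
    return sum(bin(lane).count("1") for lane in s)

def max_bits_touched(f):
    """How many output bits one input bit can reach (f linear, so f(0) = 0)."""
    return max(weight(f(s)) for s in unit_states())

def is_bit_permutation(f):
    """f only moves bits around: each unit state maps to a distinct unit state."""
    images = [tuple(f(s)) for s in unit_states()]
    return all(weight(img) == 1 for img in images) and len(set(images)) == 200
```

`max_bits_touched(rho_pi)` is 1 and `is_bit_permutation(rho_pi)` holds, so the shuffle moves each share bit to a new row without combining it with anything; `max_bits_touched(theta)` is 11 (the bit itself plus the two adjacent columns), which is the mixing that combines bits of different rows before the next 𝜒′.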
Simulation Part II
How to simulate the entropy of masked Keccak-f[200]?
• Exhaustive testing: 2^600 states, impossible
• Sampling: "fixed vs. random", without a power model
  – Group 0: all-zero plaintext, sampled over the masks (#masks, secret = 0)
  – Group 1: random plaintext, sampled over the masks (#masks, secret = rand)
  – Compare the two distributions with a 𝜒² test
De Meyer, Bilgin, Reparaz. Consolidating Security Notions in Hardware Masking.
Next Design: Mix Only
[Figure: rounds of 𝜒′ instances interleaved with MIX (𝜃) only]
Simulation predicts: no leakage
18 Rounds of Mixing: 𝜒′, 𝜃
[Figure: t-test results, 1st, 2nd and 3rd order over time; 1st order over the number of traces]

Next Design: Shuffle Only
[Figure: rounds of 𝜒′ instances interleaved with SHUFFLE (𝜌, 𝜋) only]
Simulation predicts: no leakage
18 Rounds of Shuffling: 𝜒′, 𝜌, 𝜋
[Figure: t-test results, 1st, 2nd and 3rd order over time; 1st order over the number of traces]
Summary of Results

Simulations
Active layers | Detectable leakage?
Sbox (𝜒′) | Yes!
Mix (𝜒′, 𝜃) | No.
Shuffle (𝜒′, 𝜌, 𝜋) | No.
Shuffle and Mix (𝜒′, 𝜌, 𝜋, 𝜃) | No.

Practical Measurements
Active layers | Detectable leakage?
Sbox (𝜒′) | Yes!
Mix (𝜒′, 𝜃) | No.
Shuffle (𝜒′, 𝜌, 𝜋) | Yes.
Shuffle and Mix (𝜒′, 𝜌, 𝜋, 𝜃) | No.
Conclusion
Takeaways:
• Use shuffle and mix for entropy diffusion
• Combine simulations with practical evaluations
Caveats:
• Uniformity is essential in decomposed S-boxes
Future work:
• Evaluation of exploitable leakage
• Diffusion in other ciphers (e.g. ASCON)
• Quality criteria for the RNG
Thanks! Any questions?
Grant Nr. 16KIS0666 SYSKIT_HW