Quantitative Verification of Masked Arithmetic Programs against Side-Channel Attacks
This work addresses the error-prone process of designing secure masking algorithms for cryptographic systems vulnerable to power side-channel attacks, representing an incremental improvement in verification tools.
The paper tackles the problem of verifying masked arithmetic programs against side-channel attacks by proposing a hybrid approach combining type inference and model-counting, with experimental results demonstrating its effectiveness and efficiency on cryptographic benchmarks.
Power side-channel attacks, which can deduce secret data via statistical analysis, have become a serious threat. Masking is an effective countermeasure for reducing the statistical dependence between secret data and side-channel information. However, designing masking algorithms is an error-prone process. In this paper, we propose a hybrid approach combing type inference and model-counting to verify masked arithmetic programs against side-channel attacks. The type inference allows an efficient, lightweight procedure to determine most observable variables whereas model-counting accounts for completeness. In case that the program is not perfectly masked, we also provide a method to quantify the security level of the program. We implement our methods in a tool QMVerif and evaluate it on cryptographic benchmarks. The experimental results show the effectiveness and efficiency of our approach.