IronMask: Versatile Verification of Masking Security
| Field | Value |
|---|---|
| Title | IronMask: Versatile Verification of Masking Security |
| Publication Type | Conference Paper |
| Year of Publication | 2022 |
| Authors | Belaïd, Sonia; Mercadier, Darius; Rivain, Matthieu; Taleb, Abdul Rahman |
| Conference Name | 2022 IEEE Symposium on Security and Privacy (SP) |
| Keywords | automatic verification, Benchmark testing, complete verification, composability, composition, data structures, expandability, IronMask, masking, physical defaults, privacy, Probes, probing model, pubcrawl, random probing model, resilience, Resiliency, Scalability, security, Security by Default, Side-channel security, Silver, Standards |
| Abstract | This paper introduces IronMask, a new versatile verification tool for masking security. IronMask is the first to offer the verification of standard simulation-based security notions in the probing model as well as recent composition and expandability notions in the random probing model. It supports any masking gadgets with linear randomness (e.g. addition, copy and refresh gadgets) as well as quadratic gadgets (e.g. multiplication gadgets) that might include non-linear randomness (e.g. by refreshing their inputs), while providing complete verification results for both types of gadgets. We achieve this complete verifiability by introducing a new algebraic characterization for such quadratic gadgets and exhibiting a complete method to determine the sets of input shares which are necessary and sufficient to perform a perfect simulation of any set of probes. We report various benchmarks which show that IronMask is competitive with state-of-the-art verification tools in the probing model (maskVerif, scVerif, SILVER, matverif). IronMask is also several orders of magnitude faster than VRAPS (the only previous tool verifying random probing composability and expandability) as well as SILVER (the only previous tool providing complete verification for quadratic gadgets with non-linear randomness). Thanks to this completeness and increased performance, we obtain better bounds for the tolerated leakage probability of state-of-the-art random probing secure compilers. |
| DOI | 10.1109/SP46214.2022.9833600 |
| Citation Key | belaid_ironmask_2022 |