On the Resiliency of Protected Masked S-Boxes Against Template Attack in the Presence of Temperature and Aging Misalignments

Abstract

Profiling side-channel analysis (SCA) attacks have received a lot of attention in the recent years. To perpetrate these attacks, the adversary creates a profile of a sensitive device at her disposal, and uses it to model a target device with a similar implementation to extract its key. Template attacks are recognized to be the most powerful profiling attacks when the measurement noise is Gaussian. To tackle SCA attacks, different countermeasures have been proposed in the literature, among which masking schemes have received the utmost attention. By adding randomness to the circuit, masking schemes prevent the adversary from relating the power consumption to the evaluated data, thus making the attack more difficult. In this article, we study the protection provided by several masking schemes against template attacks. More precisely, we investigate how the success of the template attack is changed when there is a misalignment between the target and profiling devices in terms of temperature and process variations. As another innovative analysis angle, we extensively study the impact of device aging on the template attack and demonstrate quantitatively how aging misalignments in side-channel traces, between the profiling and the target devices, do hinder the attack. The main objective of this study is to get accurate and numerous results allowing the designer to compare different implementations of masking and accordingly choose one which corresponds to the best compromise among complexity, security, and sensitivity to temperature and aging. We target the S-Box module of the unprotected PRESENT cipher along with its five masking variants including global lookup table (GLUT), rotating S-Box masking (referred to as RSM-LOG hereafter), RSM with read-only memory (RSM-ROM), Ishai–Sahai–Wagner masking (ISW), and threshold implementation (TI). The unprotected circuit gets impacted by such aging misalignments with ≈12.5% increase in the number of traces needed to reach 80% success rate (SR) in the course of 20 weeks of aging at 105 ◦C. Such increase is 23.3%, 37.19%, and 38.24% for ISW, GLUT, and RSM-LOG, respectively. For RSM-ROM such increase is 193.37% for ten weeks of aging. Interestingly, TI is not much affected by aging in this regard.