BEGIN:VCALENDAR
CALSCALE:GREGORIAN
VERSION:2.0
X-WR-TIMEZONE:Europe/Paris
METHOD:PUBLISH
PRODID:-//LIP6//www.lip6.fr//FR
X-WR-CALNAME;VALUE=TEXT:Séminaire LIP6
X-LIC-LOCATION:Europe/Paris
BEGIN:VTIMEZONE
TZID:Europe/Paris
BEGIN:DAYLIGHT
TZOFFSETFROM:+0100
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU
DTSTART:19810329T020000
TZNAME:GMT+02:00
TZOFFSETTO:+0200
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:+0200
RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU
DTSTART:19961027T030000
TZNAME:GMT+01:00
TZOFFSETTO:+0100
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
SUMMARY:Fast Verification of Masking Schemes in Characteristic Two
ORGANIZER;CN=Damien Vergnaud:MAILTO:damien.vergnaud@lip6.fr
ATTENDEE;CN=Nicolas Bordes et Pierre Karpman:;CUTYPE=INDIVIDUAL;PARTSTAT=ACCEPTED
DESCRIPTION:We revisit the matrix model for non-interference (NI) probing security of masking gadgets introduced by Belaïd et al. at CRYPTO 2017. This leads to two main results.\n1) We generalise the theorems on which this model is based\, so as to be able to apply them to masking schemes over any finite field -- in particular F_2 -- and to be able to analyse the strong non-interference (SNI) security notion. We also follow Faust et al. (TCHES 2018) to additionally consider a robust probing model that takes hardware defects such as glitches into account.\n2) We exploit this improved model to implement a very efficient verification algorithm that improves the performance of state-of-the-art software by three orders of magnitude. We show applications to variants of NI and SNI multiplication gadgets from Barthe et al. (EUROCRYPT 2017) which we verify to be secure up to order 11 after a significant parallel computation effort\, whereas the previous largest proven order was 7; SNI refreshing gadgets (ibid.); and NI multiplication gadgets from Gross et al. (TIS@CCS 2016) secure in presence of glitches. We also reduce the randomness cost of some existing gadgets\, notably for the implementation-friendly case of 8 shares\, improving here the previous best results by 17% (resp. 19%) for SNI multiplication (resp. refreshing).
DTSTAMP:20211019T234626Z
DTSTART;TZID=Europe/Paris:20211126T110000
DURATION:PT2H
URL;VALUE=URI:https://www.lip6.fr/liens/organise-fiche.php?ident=O1082
UID:LIP6/SEM/O1082
LOCATION:Salle 405\, couloir 24-25\, 4 place Jussieu - 75005 Paris
GEO:48.847449;2.355255
END:VEVENT
END:VCALENDAR