Authors: Maki Tsukahara, Haruka Hirata, Mingyu Yang, Daiki Miyahara, Yang Li, Yuko Hara-Azumi, Kazuo Sakiyama
Venue: 2023 Eleventh International Symposium on Computing and Networking Workshops (CANDARW 2023)
Publication date: November 2023
Pages: 286–291
DOI: 10.1109/CANDARW60564.2023.00054
Conference paper presented at CANDARW 2023, Matsue, Japan.
Physical attacks on cryptographic hardware have become a significant threat in recent years. For example, side-channel attacks exploit information leakage, such as power consumption or processing time during encryption, to recover the secret key. Threshold implementation (TI) is a widely used countermeasure against such attacks. In the conventional implementation of TI, the significant process for ensuring an important property called uniformity is refreshing, which re-masks intermediate values using many random bits. In this study, we demonstrate that side-channel information leaks when fresh randomness is not sufficient even if a cryptographically secure Pseudo Random Number Generator (PRNG) is appropriately implemented. More precisely, our experimental results show such leakage when the seed value given to the PRNG remains fixed for every encryption, or when the update of fresh random bits is stopped in the encryption.