ATProto Browser

Experimental browser for the Atmosphere

Post

Code-based Masking: From Fields to Bits Bitsliced Higher-Order Masked SKINNY (John Gaspoz, Siemen Dhooghe) ia.cr/2025/799

May 5, 2025, 9:50 AM

Record data

{
  "uri": "at://did:plc:fwa55bujvdrwlwlwgqmmxmuf/app.bsky.feed.post/3log3rcqayl2s",
  "cid": "bafyreihypbqb5scew2dzz4gmrt7v7glwrnbeps2ytucvrrvi3hq6faad6e",
  "value": {
    "text": "Code-based Masking: From Fields to Bits Bitsliced Higher-Order Masked SKINNY (John Gaspoz, Siemen Dhooghe) ia.cr/2025/799",
    "$type": "app.bsky.feed.post",
    "embed": {
      "$type": "app.bsky.embed.images",
      "images": [
        {
          "alt": "Abstract. Masking is one of the most prevalent and investigated countermeasures against side-channel analysis. As an alternative to the simple (e.g., additive) encoding function of Boolean masking, a collection of more algebraically complex masking types has emerged. Recently, inner product masking and the more generic code-based masking have proven to enable higher theoretical security properties than Boolean masking. In CARDIS 2017, Poussier et al. connected this “security order amplification” effect to the bit-probing model, demonstrating that for the same shared size, sharings from more complex encoding functions exhibit greater resistance to higher-order attacks. Despite these advantages, masked gadgets designed for code-based implementations face significant overhead compared to Boolean masking. Furthermore, existing code-based masked gadgets are not designed for efficient bitslice representation, which is highly beneficial for software implementations. Thus, current code-based masked gadgets are constrained to operate over words (e.g., elements in 𝔽_(2^(k))), limiting their applicability to ciphers where the S-box can be efficiently computed via power functions, such as AES. In this paper, we address the aforementioned limitations. We first introduce foundational masked linear and non-linear circuits that operate over bits of code-based sharings, ensuring composability and preserving bit-probing security, specifically achieving t-Probe Isolating Non-Interference (t-PINI). Utilizing these circuits, we construct masked ciphers that operate over bits, preserving the security order amplification effect during computation. Additionally, we present an optimized bitsliced masked assembly implementation of the SKINNY cipher, which outperforms Boolean masking in terms of randomness and gate count. The third-order security of this implementation is formally proven and validated through practical side-channel leakage evaluations on a Cortex-M4 core, confirming its robustness against leakages up to one million traces.\n",
          "image": {
            "$type": "blob",
            "ref": {
              "$link": "bafkreig7quer73yxvvrqi5nsagrzmdno2lgzo2fynge5hn4uriiiyqlew4"
            },
            "mimeType": "image/png",
            "size": 100172
          },
          "aspectRatio": {
            "width": 1200,
            "height": 800
          }
        },
        {
          "alt": "Image showing part 2 of abstract.",
          "image": {
            "$type": "blob",
            "ref": {
              "$link": "bafkreid7uegoqlvdqt3syh6cd4i4spdwu3taduhngsrskt7qmhqi2o6eye"
            },
            "mimeType": "image/png",
            "size": 87029
          },
          "aspectRatio": {
            "width": 1200,
            "height": 800
          }
        }
      ]
    },
    "facets": [
      {
        "index": {
          "byteEnd": 121,
          "byteStart": 107
        },
        "features": [
          {
            "uri": "https://ia.cr/2025/799",
            "$type": "app.bsky.richtext.facet#link"
          }
        ]
      }
    ],
    "createdAt": "2025-05-05T09:50:17.896010Z"
  }
}