Maskara: Compilation of a Masking Countermeasure With Optimized Polynomial Interpolation

摘要

Side-channel attacks are amongst the major threats for embedded systems and IoT devices. Masking is one of the most used countermeasure against such attacks, but its application remains a difficult process. We propose a target-independent approach for applying a first-order Boolean masking countermeasure during compilation, on the static single assignment (SSA) form. Contrary to the state-of-the art automated approaches that require to simplify the control flow of the input program, our approach supports regular control-flow program structures. Moreover, our compiler is the first to automatically mask table lookups using a polynomial interpolation approach. We also present new optimizations to speedup the evaluation of polynomials: we reduce the number of terms of the polynomial, and we accelerate finite-field multiplication. We show that our approach is faster than the standard masked table approach with mask refresh after each access, with speedups up to x2.4 in our experiments. Finally, using a formal verification approach, we show that the compiled machine code is secure, i.e., that all intermediate computations are statistically independent of the secrets.