Next Article in Journal
Evaluation of Molecular Polarizability and of Intensity Carrying Modes Contributions in Circular Dichroism Spectroscopies
Next Article in Special Issue
Real-Time Detection for Cache Side Channel Attack using Performance Counter Monitor
Previous Article in Journal
Use of Neural Networks to Identify Safety Prevention Priorities in Agro-Manufacturing Operations within Commercial Grain Elevators
Open AccessArticle

On Non-Completeness and G-Equivariance

Department of Information Security, Woosuk University, Jeollabuk-do 55338, Korea
Appl. Sci. 2019, 9(21), 4692;
Received: 13 August 2019 / Revised: 15 October 2019 / Accepted: 24 October 2019 / Published: 4 November 2019
(This article belongs to the Special Issue Side Channel Attacks and Countermeasures)
With the growing threat of the side-channel attack (SCA) to the cryptographic algorithm’s implementations, the masking method has become one of the most promising SCA countermeasures for securely implementing, for example, block ciphers. The basic principle of the masking method is that if the sensitive variable (which, by definition, depends on sensitive information) is split into some random variables and they are manipulated in a secure manner, then the relationship between the random variables and the corresponding side-channel information may look independent from the outside world. However, after the introduction of the glitch attack, there has been a lot of concern about the security of the masking method itself. And, to mitigate the threat of the glitch attack, the threshold implementation (TI) and G-equivariant gates were independently introduced as countermeasures. In this paper, we consider the main notions of two such independent glitch attack’s countermeasures, say, non-completeness and G-equivariance, and investigate their relationship. The contribution of this paper is three-fold. First, we show that the widely-circulated proof that the non-complete TI with uniform inputs guarantees the security against the 1st order DPA even in the presence of glitches is not satisfactory. Next, using the extended notion of G-equivariance to the higher-order setting, we prove that non-completeness implies G-equivariance, which, in turn, means that the non-complete TI with uniform inputs has resistance against the glitch attack. Thirdly, we prove that the set of non-complete gates is a proper subset of the set of G-equivariant gates by showing there is a gate that is G-equivariant but not non-complete. View Full-Text
Keywords: threshold implementation; G-equivariance; side-channel attack; masking method; glitch attack threshold implementation; G-equivariance; side-channel attack; masking method; glitch attack
Show Figures

Figure 1

MDPI and ACS Style

Baek, Y.-J. On Non-Completeness and G-Equivariance. Appl. Sci. 2019, 9, 4692.

AMA Style

Baek Y-J. On Non-Completeness and G-Equivariance. Applied Sciences. 2019; 9(21):4692.

Chicago/Turabian Style

Baek, Yoo-Jin. 2019. "On Non-Completeness and G-Equivariance" Appl. Sci. 9, no. 21: 4692.

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

Search more from Scilit
Back to TopTop