Mask Compression: High-Order Masking on Memory-Constrained Devices

ePrint Report: Mask Compression: High-Order Masking on Memory-Constrained Devices

Markku-Juhani O. Saarinen, Mélissa Rossi

Masking is a well-studied method for achieving provable security against side-channel attacks. In masking, each sensitive variable is split into $d$ randomized shares, and computations are performed with those shares. In addition to the computational overhead of masked arithmetic, masking also has a storage cost, increasing the requirements for working memory and secret key storage proportionally with $d$.


In this work, we introduce mask compression. This …

addition attacks channel compression computational devices eprint report high masking memory order provable security report security side-channel side-channel attacks variable