{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,11]],"date-time":"2025-06-11T05:28:31Z","timestamp":1749619711780,"version":"3.37.3"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2024,12,1]],"date-time":"2024-12-01T00:00:00Z","timestamp":1733011200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,12,16]],"date-time":"2024-12-16T00:00:00Z","timestamp":1734307200000},"content-version":"vor","delay-in-days":15,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1943224"],"award-info":[{"award-number":["CNS-1943224"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Agence nationale de la recherche","award":["ANR-20-CYAL-0007, MESRI-BMBF call"],"award-info":[{"award-number":["ANR-20-CYAL-0007, MESRI-BMBF call"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Electron Test"],"published-print":{"date-parts":[[2024,12]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Protecting sensitive logic functions in ASICs requires side-channel countermeasures. Many gate-level masking styles have been published, each with pros and cons. Some styles such as RSM, GLUT, and ISW are compact but can feature 1st-order leakage. Some other styles, such as TI, DOM, and HPC are secure at the 1st-order but incur significant overheads in terms of performance. Another requirement is that security shall be ensured even when the device is aged. Pre-silicon security evaluation is now a normatively approved method to characterize the expected resiliency against attacks ahead of time. 
However, in this regard, there is still a fragmentation in terms of leakage models, Points of Interest (PoI) selection, attack order, and distinguishers. Accordingly, in this paper we focus on such factors as they affect the success of side-channel analysis attacks and assess the resiliency of the state-of-the-art masking styles in various corners. Moreover, we investigate the impact of device aging as another factor and analyze its influence on the success of side-channel attacks targeting the state-of-the-art masking schemes. This pragmatic evaluation enables risk estimation in a complex PPA (Power, Performance, and Area) and security plane while also taking aging impacts into account. For instance, we explore the trade-off between low-cost secure styles attackable at 1st-order vs high-cost protection attackable only at 2nd-order.<\/jats:p>","DOI":"10.1007\/s10836-024-06155-1","type":"journal-article","created":{"date-parts":[[2024,12,16]],"date-time":"2024-12-16T08:09:06Z","timestamp":1734336546000},"page":"723-740","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Multi-modal Pre-silicon Evaluation of Hardware Masking Styles"],"prefix":"10.1007","volume":"40","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9302-413X","authenticated-orcid":false,"given":"Md Toufiq Hasan","family":"Anik","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0000-6776-2542","authenticated-orcid":false,"given":"Hasin 
Ishraq","family":"Reefat","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9433-7576","authenticated-orcid":false,"given":"Wei","family":"Cheng","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5063-7964","authenticated-orcid":false,"given":"Jean-Luc","family":"Danger","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5044-3534","authenticated-orcid":false,"given":"Sylvain","family":"Guilley","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5825-6637","authenticated-orcid":false,"given":"Naghmeh","family":"Karimi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,12,16]]},"reference":[{"issue":"11","key":"6155_CR1","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3569577","volume":"55","author":"S Picek","year":"2023","unstructured":"Picek S, Perin G, Mariot L, Wu L, Batina L (2023) Sok: Deep learning-based physical side-channel analysis. ACM Comput Surveys 55(11):1\u201335","journal-title":"ACM Comput Surveys"},{"key":"6155_CR2","doi-asserted-by":"crossref","unstructured":"Prouff E, Rivain M (2007) A Generic Method for Secure SBox Implementation. In: International Workshop on Information Security Applications, pp 227\u2013244 . Springer","DOI":"10.1007\/978-3-540-77535-5_17"},{"key":"6155_CR3","doi-asserted-by":"crossref","unstructured":"Nassar M, Souissi Y, Guilley S, Danger J-L (2012) RSM: A Small and Fast Countermeasure for AES, Secure against 1st and 2nd-order Zero-offset SCAs. In: 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp 1173\u20131178 . IEEE","DOI":"10.1109\/DATE.2012.6176671"},{"key":"6155_CR4","doi-asserted-by":"crossref","unstructured":"Giaconia M, Macchetti M, Regazzoni F, Schramm K (2007) Area and Power Efficient Synthesis of DPA-Resistant Cryptographic S-Boxes. 
In: 20th International Conference on VLSI Design, pp 731\u2013737. IEEE Computer Society, Bangalore, India","DOI":"10.1109\/VLSID.2007.44"},{"key":"6155_CR5","doi-asserted-by":"crossref","unstructured":"Ishai Y, Sahai A, Wagner D (2003) Private Circuits: Securing Hardware against Probing Attacks. In: Advances in Cryptology-CRYPTO 2003: 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, 17-21 August, 2003. Proceed 23, vol 2729, pp 463\u2013481","DOI":"10.1007\/978-3-540-45146-4_27"},{"key":"6155_CR6","doi-asserted-by":"crossref","unstructured":"Nikova S, Rijmen V, Schl\u00e4ffer M (2008) Secure Hardware Implementation of Non-linear Functions in the Presence of Glitches. In: Information Security and Cryptology \u2013 ICISC, vol 5461, pp 218\u2013234. Springer, Seoul, Korea","DOI":"10.1007\/978-3-642-00730-9_14"},{"key":"6155_CR7","doi-asserted-by":"crossref","unstructured":"Gro\u00df H, Mangard S, Korak T (2016) Domain-Oriented Masking: Compact Masked Hardware Implementations with Arbitrary Protection Order. In: Cryptology ePrint Archive 2016, p 3","DOI":"10.1145\/2996366.2996426"},{"issue":"10","key":"6155_CR8","doi-asserted-by":"publisher","first-page":"1677","DOI":"10.1109\/TC.2020.3022979","volume":"70","author":"G Cassiers","year":"2021","unstructured":"Cassiers G, Gr\u00e9goire B, Levi I, Standaert F (2021) Hardware Private Circuits: From Trivial Composition to Full Verification. IEEE Trans Comput 70(10):1677\u20131690","journal-title":"IEEE Trans Comput"},{"key":"6155_CR9","doi-asserted-by":"crossref","unstructured":"Chaves R, Chmielewski \u0141, Regazzoni F, Batina L (2018) SCA-Resistance for AES: How Cheap Can We Go? In: Progress in Cryptology\u2013AFRICACRYPT 2018: 10th International Conference on Cryptology in Africa, Marrakesh, Morocco, 7\u20139 May, 2018, Proceed 10, pp 107\u2013123 . 
Springer","DOI":"10.1007\/978-3-319-89339-6_7"},{"key":"6155_CR10","doi-asserted-by":"crossref","unstructured":"Mangard S, Popp T, Gammel BM (2005) Side-Channel Leakage of Masked CMOS Gates. In: Cryptographers\u2019 Track at the RSA Conference, vol 3376, pp 351\u2013365","DOI":"10.1007\/978-3-540-30574-3_24"},{"key":"6155_CR11","doi-asserted-by":"crossref","unstructured":"Mangard S, Schramm K (2006) Pinpointing the Side-Channel Leakage of Masked AES Hardware Implementations. In: International Workshop on Cryptographic Hardware and Embedded Systems, pp 76\u201390 . Springer","DOI":"10.1007\/11894063_7"},{"key":"6155_CR12","doi-asserted-by":"crossref","unstructured":"Liu H, Qian G, Tsunoo Y, Goto S (2011) The Switching Glitch Power Leakage Model. J Softw (JSW) 6(9):1787\u20131794. Academy Publisher","DOI":"10.4304\/jsw.6.9.1787-1794"},{"issue":"2","key":"6155_CR13","doi-asserted-by":"publisher","first-page":"351","DOI":"10.1007\/s00145-017-9259-7","volume":"31","author":"N Bruneau","year":"2018","unstructured":"Bruneau N, Guilley S, Najm Z, Teglia Y (2018) Multivariate high-order attacks of shuffled tables recomputation. J Cryptology 31(2):351\u2013393","journal-title":"J Cryptology"},{"key":"6155_CR14","doi-asserted-by":"crossref","unstructured":"Balasch J, Gierlichs B, Grosso V, Reparaz O, Standaert F (2014) On the Cost of Lazy Engineering for Masked Software Implementations. In: Smart Card Research and Advanced Applications - 13th International Conference, CARDIS 2014, Paris, France, 5-7 November, 2014. Revised Selected Papers, pp 64\u201381","DOI":"10.1007\/978-3-319-16763-3_5"},{"key":"6155_CR15","unstructured":"Goodwill G, Jun B, Jaffe J, Rohatgi P (2011) A testing methodology for side-channel resistance validation. NIST Non-Invasive Attack Testing Workshop"},{"key":"6155_CR16","doi-asserted-by":"crossref","unstructured":"Bahrami J, Ebrahimabadi M, Danger J, Guilley S, Karimi N (2022) Leakage Power Analysis in Different S-Box Masking Protection Schemes. 
In: Design, Automation & Test in Europe Conference & Exhibition, DATE, Antwerp, Belgium, pp 1263\u20131268","DOI":"10.23919\/DATE54114.2022.9774763"},{"key":"6155_CR17","unstructured":"Eurosmart (2021) Secure Sub-System in System-on-Chip (3S in SoC) Protection Profile (PP 0117)"},{"key":"6155_CR18","unstructured":"Federal Office for Information Security (BSI) (2022) Certification Report V1.1 CC-PP-414 V3.6, of Common Criteria Protection Profile BSI-CC-PP-0117-2022 [Secure Sub-System in System-on-Chip (3S in SoC)], version 1.5. valid until 28 February 2032"},{"key":"6155_CR19","unstructured":"Li H, Wu K, Yu F, Yuan H (2010) Evaluation Metrics of Physical Non-invasive Security. In: 4th IFIP WG 11.2 International Workshop, WISTP. Lect Note Comput Sci, vol 6033, pp 60\u201375. Springer, Passau, Germany"},{"key":"6155_CR20","doi-asserted-by":"crossref","unstructured":"Nassar M, Guilley S, Danger J-L (2011) Formal Analysis of the Entropy \/ Security Trade-off in First-Order Masking Countermeasures against Side-Channel Attacks. In: International Conference on Cryptology in India, pp 22\u201339","DOI":"10.1007\/978-3-642-25578-6_4"},{"key":"6155_CR21","doi-asserted-by":"crossref","unstructured":"Carlet C, Guilley S (2013) Side-channel indistinguishability. In: Lee RB, Shi W (eds.) Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, p 9","DOI":"10.1145\/2487726.2487735"},{"key":"6155_CR22","unstructured":"Covic A, Ganji F, Forte D (2020) Circuit masking schemes: New hope for backside probing countermeasures? SRC TECHCON"},{"key":"6155_CR23","unstructured":"Courtois N, Hulme D, Mourouzis T (2011) Solving Circuit Optimisation Problems in Cryptography and Cryptanalysis. 
IACR Cryptology ePrint Archive, 475"},{"issue":"3","key":"6155_CR24","doi-asserted-by":"publisher","first-page":"347","DOI":"10.1109\/TC.2018.2875746","volume":"68","author":"DB Roy","year":"2018","unstructured":"Roy DB, Bhasin S, Guilley S, Heuser A, Patranabis S, Mukhopadhyay D (2018) CC meets FIPS: A hybrid test methodology for first order side channel analysis. IEEE Trans Comput 68(3):347\u2013361","journal-title":"IEEE Trans Comput"},{"key":"6155_CR25","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"529","DOI":"10.1007\/11935308_38","volume-title":"International Conference on Information and Communications Security","author":"S Nikova","year":"2006","unstructured":"Nikova S, Rechberger C, Rijmen V (2006) Threshold Implementations Against Side-Channel Attacks and Glitches. International Conference on Information and Communications Security, vol 4307. LNCS. Springer, Raleigh, NC, USA, pp 529\u2013545"},{"key":"6155_CR26","first-page":"338","volume-title":"Power Analysis Attacks: Revealing the Secrets of Smart Cards","author":"S Mangard","year":"2006","unstructured":"Mangard S, Oswald E, Popp T (2006) Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Secaucus, NJ, USA, p 338"},{"issue":"6","key":"6155_CR27","doi-asserted-by":"publisher","first-page":"799","DOI":"10.1109\/TC.2009.15","volume":"58","author":"E Prouff","year":"2009","unstructured":"Prouff E, Rivain M, Bevan R (2009) Statistical Analysis of Second Order Differential Power Analysis. IEEE Trans Comput 58(6):799\u2013811","journal-title":"IEEE Trans Comput"},{"key":"6155_CR28","doi-asserted-by":"crossref","unstructured":"Brier \u00c9, Clavier C, Olivier F (2004) Correlation power analysis with a leakage model. In: Cryptographic Hardware and Embedded Systems-CHES 2004: 6th International Workshop Cambridge, MA, USA, 11-13 August, 2004. 
Proceed 6, pp 16\u201329","DOI":"10.1007\/978-3-540-28632-5_2"},{"key":"6155_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/978-3-540-85886-7_24","volume-title":"International Conference on Information Security","author":"L Batina","year":"2008","unstructured":"Batina L, Gierlichs B, Lemke-Rust K (2008) Comparative Evaluation of Rank Correlation Based DPA on an AES Prototype Chip. International Conference on Information Security, vol 5222. Lecture Notes in Computer Science. Springer, Taipei, Taiwan, pp 341\u2013354"},{"key":"6155_CR30","doi-asserted-by":"crossref","unstructured":"Gierlichs B, Lemke-Rust K, Paar C (2006) Templates vs. stochastic methods: A performance analysis for side channel cryptanalysis. In: Cryptographic Hardware and Embedded Systems-CHES 2006: 8th International Workshop, Yokohama, Japan, 10-13 October, 2006. Proceed 8. LNCS, vol 4249, pp 15\u201329","DOI":"10.1007\/11894063_2"},{"key":"6155_CR31","doi-asserted-by":"crossref","unstructured":"Reparaz O, Gierlichs B, Verbauwhede I (2012) Selecting Time Samples for Multivariate DPA Attacks. In: Cryptographic Hardware and Embedded Systems\u2013CHES 2012: 14th International Workshop, Leuven, Belgium, 9-12 September, 2012. Proceed 14, pp 155\u2013174","DOI":"10.1007\/978-3-642-33027-8_10"},{"key":"6155_CR32","doi-asserted-by":"publisher","first-page":"90455","DOI":"10.1109\/ACCESS.2021.3090752","volume":"9","author":"B Fadaeinia","year":"2021","unstructured":"Fadaeinia B, Anik MTH, Karimi N, Moradi A (2021) Masked SABL: A Long Lasting Side-Channel Protection Design Methodology. IEEE Access 9:90455\u201390464","journal-title":"IEEE Access"},{"key":"6155_CR33","doi-asserted-by":"crossref","unstructured":"Anik MTH, Guilley S, Danger J-L, Karimi N (2020) On the effect of aging on digital sensors. 
In: VLSID, pp 189\u2013194","DOI":"10.1109\/VLSID49098.2020.00050"},{"key":"6155_CR34","volume-title":"AEC-Q100","author":"Automotive Electronics Council","year":"2007","unstructured":"Automotive Electronics Council (2007) AEC-Q100. Failure Mechanism Based Stress Test Qualification For Integrated Circuits, Rev-G"},{"issue":"3","key":"6155_CR35","doi-asserted-by":"publisher","first-page":"347","DOI":"10.1109\/TC.2018.2875746","volume":"68","author":"DB Roy","year":"2019","unstructured":"Roy DB, Bhasin S, Guilley S, Heuser A, Patranabis S, Mukhopadhyay D (2019) CC meets FIPS: A hybrid test methodology for first order side channel analysis. IEEE Trans Comput 68(3):347\u2013361","journal-title":"IEEE Trans Comput"},{"issue":"3","key":"6155_CR36","doi-asserted-by":"publisher","first-page":"465","DOI":"10.46586\/tches.v2021.i3.465-495","volume":"2021","author":"W Cheng","year":"2021","unstructured":"Cheng W, Guilley S, Carlet C, Danger J, Mesnager S (2021) Information Leakages in Code-based Masking: A Unified Quantification Approach. IACR Trans Cryptogr Hardw Embed Syst 2021(3):465\u2013495","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"6155_CR37","doi-asserted-by":"crossref","unstructured":"Sugawara T, Suzuki D, Saeki M, Shiozaki M, Fujino T (2013) On Measurable Side-Channel Leaks Inside ASIC Design Primitives. In: Cryptographic Hardware and Embedded Systems (CHES), pp 159\u2013178","DOI":"10.1007\/978-3-642-40349-1_10"},{"issue":"5","key":"6155_CR38","doi-asserted-by":"publisher","first-page":"1276","DOI":"10.1109\/TCAD.2021.3088803","volume":"41","author":"F Niknia","year":"2022","unstructured":"Niknia F, Danger J-L, Guilley S, Karimi N (2022) Aging effects on template attacks launched on dual-rail protected chips. 
IEEE Trans Comput-Aided Design of Integ Circ Syst 41(5):1276\u20131289","journal-title":"IEEE Trans Comput-Aided Design of Integ Circ Syst"},{"key":"6155_CR39","doi-asserted-by":"crossref","unstructured":"Anik MTH, Fadaeinia B, Moradi A, Karimi N (2021) On the Impact of Aging on Power Analysis Attacks Targeting Power-Equalized Cryptographic Circuits. In: Proceedings of the 26th Asia and South Pacific Design Automation Conference, pp 414\u2013420","DOI":"10.1145\/3394885.3431597"}],"container-title":["Journal of Electronic Testing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10836-024-06155-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10836-024-06155-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10836-024-06155-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,6]],"date-time":"2025-01-06T07:14:24Z","timestamp":1736147664000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10836-024-06155-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12]]},"references-count":39,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2024,12]]}},"alternative-id":["6155"],"URL":"https:\/\/doi.org\/10.1007\/s10836-024-06155-1","relation":{},"ISSN":["0923-8174","1573-0727"],"issn-type":[{"type":"print","value":"0923-8174"},{"type":"electronic","value":"1573-0727"}],"subject":[],"published":{"date-parts":[[2024,12]]},"assertion":[{"value":"4 March 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 November 
2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 December 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflicts of Interest"}}]}}