{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T18:23:20Z","timestamp":1740162200563,"version":"3.37.3"},"reference-count":27,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2022,2,26]],"date-time":"2022-02-26T00:00:00Z","timestamp":1645833600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,2,26]],"date-time":"2022-02-26T00:00:00Z","timestamp":1645833600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptogr Eng"],"published-print":{"date-parts":[[2022,4]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>In the context of side-channel attacks against cryptographic circuits, <jats:italic>t<\/jats:italic>-probing security characterizes the amount of information derivable about sensitive values (e.g., keys) by observing <jats:italic>t<\/jats:italic> output\/internal values. Non-interference is a useful mathematical tool used by researchers to assess the probing security of a circuit which employs Boolean masking to protect itself from attacks. However, reasoning about non-interference still requires either difficult ratiocination or complex automatic tools. In this work, we propose a novel point of view to reason about non-interference, by exploiting the Walsh transform of a Boolean function. To this end, we introduce a calculus for mechanically reasoning about the shares of a variable and show that this formalism provides a lean algebraic explanation of known compositional patterns allowing for the discovery of new ones. Eventually, we show how this formalism can be applied to study the probing security of known cryptographic gadgets.\n<\/jats:p>","DOI":"10.1007\/s13389-022-00286-x","type":"journal-article","created":{"date-parts":[[2022,2,26]],"date-time":"2022-02-26T17:02:43Z","timestamp":1645894963000},"page":"1-14","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A relation calculus for reasoning about t-probing security"],"prefix":"10.1007","volume":"12","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2901-2972","authenticated-orcid":false,"given":"Maria Chiara","family":"Molteni","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5685-9795","authenticated-orcid":false,"given":"Vittorio","family":"Zaccaria","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,2,26]]},"reference":[{"key":"286_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-540-45146-4_27","volume-title":"Advances in Cryptology-CRYPTO 2003","author":"Y Ishai","year":"2003","unstructured":"Ishai, Y., Sahai, A., Wagner, D.: Private Circuits: Securing Hardware against Probing Attacks. In: Boneh, D. (ed.) Advances in Cryptology-CRYPTO 2003. Lecture Notes in Computer Science, pp. 463\u2013481. Springer, Berlin Heidelberg (2003)"},{"key":"286_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1007\/978-3-662-43933-3_21","volume-title":"Fast Software Encryption","author":"J Coron","year":"2014","unstructured":"Coron, J., Prouff, E., Rivain, M., Roche, T.: Higher-Order Side Channel Security and Mask Refreshing. In: Moriai, S. (ed.) Fast Software Encryption. Lecture Notes in Computer Science, pp. 410\u2013424. Springer, Berlin Heidelberg (2014)"},{"key":"286_CR3","doi-asserted-by":"crossref","unstructured":"Barthe, G., Bela\u00efd , S., Dupressoir , F., Fouque P. A., Gr\u00e9goire, B., Strub, P. Y., Zucchini R.: Strong Non-Interference and Type-Directed Higher-Order Masking. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201916, pages 116\u2013129, New York, NY, USA, (2016). ACM","DOI":"10.1145\/2976749.2978427"},{"key":"286_CR4","first-page":"506","volume":"2015","author":"G Barthe","year":"2015","unstructured":"Barthe, G., Bela\u00efd, S., Dupressoir, F., Fouque, P.A., Gr\u00e9goire, B.: Compositional verification of higher-order masking: application to a verifying masking compiler. IACR Cryptol. ePrint Arch. 2015, 506 (2015)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"286_CR5","doi-asserted-by":"crossref","unstructured":"Bela\u00efd, S., Dahmun G., and Matthieu R.: Tight private circuits: achieving probing security with the least refreshing. Technical Report 439, (2018)","DOI":"10.1007\/978-3-030-03329-3_12"},{"key":"286_CR6","doi-asserted-by":"crossref","unstructured":"Barthe, G., Dupressoir, F., Faust, S., Gr\u00e9goire, B., Standaert, F.X., Strub, P.Y.: Parallel implementations of masking schemes and the bounded moment leakage model. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 10210 LNCS:535\u2013566, (2017)","DOI":"10.1007\/978-3-319-56620-7_19"},{"key":"286_CR7","doi-asserted-by":"crossref","unstructured":"Faust, S., Grosso, V., Del Pozo, S. M., Paglialonga, C., Standaert, F. X: Composable Masking Schemes in the Presence of Physical Defaults and the Robust Probing Model. Technical Report 711, (2017). B","DOI":"10.46586\/tches.v2018.i3.89-120"},{"key":"286_CR8","doi-asserted-by":"crossref","unstructured":"Schmidt, J. M., Kim, C.: A probing attack on AES. pages 256\u2013265, 02 (2009)","DOI":"10.1007\/978-3-642-00306-6_19"},{"key":"286_CR9","doi-asserted-by":"crossref","unstructured":"Rivain, M., Prouff, E.: Provably Secure Higher-Order Masking of AES. Technical Report 441, (2010)","DOI":"10.1007\/978-3-642-15031-9_28"},{"key":"286_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/3-540-60590-8_21","volume-title":"Fast Software Encryption","author":"J Daemen","year":"1995","unstructured":"Daemen, J., Govaerts, R., Vandewalle, J.: Correlation matrices. In: Preneel, B. (ed.) Fast Software Encryption. Lecture Notes in Computer Science, pp. 275\u2013285. Springer, Berlin Heidelberg (1995)"},{"key":"286_CR11","doi-asserted-by":"crossref","unstructured":"Parriaux, J., Guillot, P., Mill\u00e9rioux, G.: Towards a spectral approach for the design of self-synchronizing stream ciphers. Cryptogr. Commun. 3(4), 259\u2013274 (2011)","DOI":"10.1007\/s12095-011-0046-2"},{"key":"286_CR12","doi-asserted-by":"crossref","unstructured":"Bloem, R., Gross, H., Iusupov, R., K\u00f6nighofer, B., Mangard, S., Winter, J.: Formal Verification of Masked Hardware Implementations in the Presence of Glitches. In: Nielsen, J.B. and Rijmen, V., editors, Advances in Cryptology - EUROCRYPT 2018, Lecture Notes in Computer Science, pages 321\u2013353. Springer International Publishing, (2018)","DOI":"10.1007\/978-3-319-78375-8_11"},{"key":"286_CR13","unstructured":"Beyne, T., Dhooghe, S. and Zhenda, Z.: A not so random idea, Cryptanalysis of masked ciphers (2020)"},{"key":"286_CR14","doi-asserted-by":"crossref","unstructured":"Bringer, J., Carlet, C., Chabanne, H., Guilley, S., Maghrebi, H.: Orthogonal direct sum masking. In David, N. and Damien, S., editors, Information Security Theory and Practice. Securing the Internet of Things, pages 40\u201356, Berlin, Heidelberg, 2014. Springer Berlin Heidelberg","DOI":"10.1007\/978-3-662-43826-8_4"},{"key":"286_CR15","doi-asserted-by":"publisher","first-page":"220","DOI":"10.1109\/TIFS.2020.3009609","volume":"16","author":"W Cheng","year":"2021","unstructured":"Cheng, W., Guilley, S., Carlet, C., Mesnager, S., Danger, J.L.: Optimizing inner product masking scheme by a coding theory approach. IEEE Trans. Inf. Forensics Secur. 16, 220\u2013235 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"issue":"4","key":"286_CR16","doi-asserted-by":"publisher","first-page":"596","DOI":"10.1109\/TC.2017.2772231","volume":"67","author":"V Zaccaria","year":"2018","unstructured":"Zaccaria, V., Melzani, F., Bertoni, G.: Spectral features of higher-order side-channel countermeasures. IEEE Trans. Comput. 67(4), 596\u2013603 (2018)","journal-title":"IEEE Trans. Comput."},{"issue":"3","key":"286_CR17","doi-asserted-by":"publisher","first-page":"569","DOI":"10.1109\/18.6037","volume":"34","author":"GZ Xiao","year":"1988","unstructured":"Xiao, G.Z., Massey, J.L.: A spectral characterization of correlation-immune combining functions. IEEE Trans. Inf. Theory 34(3), 569\u2013571 (1988)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"286_CR18","doi-asserted-by":"crossref","unstructured":"Carlet, C.: Boolean Functions for Cryptography and Error-Correcting Codes, pp 257\u2013397. Encyclopedia of Mathematics and its Applications. Cambridge University Press, (2010)","DOI":"10.1017\/CBO9780511780448.011"},{"issue":"04","key":"286_CR19","doi-asserted-by":"publisher","first-page":"193","DOI":"10.2307\/2267134","volume":"13","author":"IM Copilowish","year":"1948","unstructured":"Copilowish, I.M.: Matrix development of the calculus of relations. J. Symbol. Logic 13(04), 193\u2013203 (1948)","journal-title":"J. Symbol. Logic"},{"key":"286_CR20","doi-asserted-by":"crossref","unstructured":"Chiara, M. M., Zaccaria, V.: On the spectral features of robust probing security. IACR Transactions on Cryptographic Hardware and Embedded Systems, pp 24\u201348, August (2020)","DOI":"10.46586\/tches.v2020.i4.24-48"},{"key":"286_CR21","doi-asserted-by":"crossref","unstructured":"Cassiers, G., Faust, S., Maximilian, O., and Standaert, F.-X.: Towards tight random probing security. Technical Report 880, (2021)","DOI":"10.1007\/978-3-030-84252-9_7"},{"key":"286_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"441","DOI":"10.1007\/978-3-642-55220-5_25","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"J Coron","year":"2014","unstructured":"Coron, J.: Higher Order Masking of Look-Up Tables. In: Nguyen, P.Q., Oswald, E. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2014. Lecture Notes in Computer Science, pp. 441\u2013458. Springer, Berlin Heidelberg (2014)"},{"issue":"2","key":"286_CR23","doi-asserted-by":"publisher","first-page":"162","DOI":"10.46586\/tches.v2019.i2.162-198","volume":"2019","author":"G Cassiers","year":"2019","unstructured":"Cassiers, G., Standaert, F.X.: Towards globally optimized masking: from low randomness to low noise rate: or probe isolating multiplications with reduced randomness and security against horizontal attacks. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(2), 162\u2013198 (2019)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"286_CR24","series-title":"Computer Science, and Engineering","first-page":"398","volume-title":"Boolean Models and Methods in Mathematics","author":"C Carlet","year":"2010","unstructured":"Carlet, C.: Vectorial Boolean Functions for Cryptography. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics. Computer Science, and Engineering, pp. 398\u2013470. Cambridge University Press, Cambridge (2010)"},{"issue":"4","key":"286_CR25","first-page":"555","volume":"8","author":"B Dravie","year":"2016","unstructured":"Dravie, B., Parriaux, J., Guillot, P., Mill\u00e9rioux, G.: Matrix representations of vectorial Boolean functions and eigenanalysis. Cryptogr. Commun. Discret. Struct. Boolean Funct. Seq. 8(4), 555\u2013577 (2016)","journal-title":"Cryptogr. Commun. Discret. Struct. Boolean Funct. Seq."},{"issue":"4","key":"286_CR26","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/s12095-011-0046-2","volume":"3","author":"P J\u00e9r\u00e9my","year":"2011","unstructured":"J\u00e9r\u00e9my, P., Philippe, G., Gilles, M.: Towards a spectral approach for the design of self-synchronizing stream ciphers. Cryptogr. Commun. 3(4), 259\u2013274 (2011)","journal-title":"Cryptogr. Commun."},{"key":"286_CR27","doi-asserted-by":"crossref","unstructured":"Beyne, T.: Block cipher invariants as eigenvectors of correlation matrices (full version). Cryptology ePrint Archive, Report 2018\/763, (2018)","DOI":"10.1007\/978-3-030-03326-2_1"}],"container-title":["Journal of Cryptographic Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s13389-022-00286-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s13389-022-00286-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s13389-022-00286-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,3,15]],"date-time":"2022-03-15T13:41:48Z","timestamp":1647351708000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s13389-022-00286-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,2,26]]},"references-count":27,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2022,4]]}},"alternative-id":["286"],"URL":"https:\/\/doi.org\/10.1007\/s13389-022-00286-x","relation":{},"ISSN":["2190-8508","2190-8516"],"issn-type":[{"type":"print","value":"2190-8508"},{"type":"electronic","value":"2190-8516"}],"subject":[],"published":{"date-parts":[[2022,2,26]]},"assertion":[{"value":"18 April 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 January 2022","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 February 2022","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}