

























Sebastian Berndt, Technische Hochschule Lübeck
Thomas Eisenbarth, University of Lübeck
Marc Gourjon, Max Planck Institute for Security and Privacy
Elena Micheli, TU Darmstadt
Pajam Pauls, University of Lübeck
Kathrin Wirschem, TU Darmstadt
Ensuring rigorous protection against physical attacks that simultaneously combine passive side-channel observations with active fault injections is a recent and rapidly evolving research area. Polynomial masking is a promising countermeasure, as it provides both privacy against leakage and redundancy against faults. At CRYPTO 2023, Berndt et al. introduced the ``LaOla’’ scheme, which protects arbitrary circuits against such attacks. However, their model tolerates only a global threshold of e faults across the entire circuit, which fundamentally limits scalability. In this work, we overcome this restriction by extending fault robustness to the region fault model, where an adversary can inject up to \(e\) faults in each gadget. We present the first gadgets secure against combined leakage and fault attacks in this stronger model. This improvement allows us to tolerate up to \(x \cdot {e}\) faults across a circuit with \(x\) gadgets instead of just a total of \(e\) as in previous works. Consequently, the protection order \(e\) can remain constant. To achieve this, we introduce sufficient and practically attainable security definitions that are strictly stronger than those of Berndt et al. We further apply this principle to the LaOla construction, proving our stronger security notions for the adapted multiplication gadget.
BibTeX
@misc{cryptoeprint:2025/1275,
author = {Paula Arnold and Sebastian Berndt and Thomas Eisenbarth and Marc Gourjon and Elena Micheli and Maximilian Orlt and Pajam Pauls and Kathrin Wirschem and Liang Zhao},
title = {{OhLaLa}: Combined Security against Region Fault Attacks in Constant Protection Order},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/1275},
year = {2025},
url = {https://eprint.iacr.org/2025/1275}
}
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。