Please use this Handle URI to cite this item:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/91420
Title: | Masking Floating-Point Number Multiplication and Addition of Falcon |
Author: | Keng-Yu Chen (陳耕宇) |
Advisor: | Jiun-Peng Chen (陳君朋) |
Co-advisor: | Ho-Lin Chen (陳和麟) |
Keywords: | Side-Channel Analysis, Masking, Post-Quantum Cryptography, Falcon, Floating-Point Arithmetic |
Year of publication: | 2024 |
Degree: | Master |
Abstract: | Side-channel attacks have posed threats to many post-quantum cryptographic schemes, including FALCON. While masking is one of the most effective countermeasures against such threats, applying it to FALCON is challenging because the implementation relies on floating-point arithmetic, which is rarely used in cryptographic computations. Floating-point operations satisfy neither the associative nor the distributive law, so masking FALCON requires new masked algorithms for floating-point multiplication and addition.

This thesis presents the first masking scheme for floating-point multiplication and addition, designed to defend FALCON's pre-image vector computation against the recent side-channel attacks on it. The approach is built around a masked nonzero-check gadget that securely determines whether a shared value is zero without recombining the shares. This gadget is reused for several computations: rounding the mantissa, computing the sticky bit, checking the equality of two shared values, and normalizing a number. To support masked floating-point addition, the thesis also develops a masked shift gadget and a masked normalization gadget. The design provides first- and higher-order masking, and its theoretical security is demonstrated by proving the (Strong) Non-Interference properties of the gadgets in the probing model. For performance evaluation, unmasked, first-order and second-order algorithms were implemented on an Arm Cortex-M4 processor, with cycle counts and the number of random bytes consumed reported for each. The thesis also reports the time for one complete signing operation with the countermeasure on an Intel Core CPU.

In addition, the practical security of the approach was assessed with a test vector leakage assessment (TVLA). Specifically, the second-order masked implementation passed the TVLA test in 100,000 measured power traces. |
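The abstract's central building block is a masked nonzero check on a Boolean-shared word, reused for the sticky bit, equality tests, rounding and normalization. The thesis's own gadget is not reproduced here (the full text is campus-restricted); the following is an added illustration, not code from the thesis, that builds a generic nonzero check from textbook pieces: the ISW masked AND, share-wise (linear) XOR, NOT and logical shift, and an OR-fold that collapses all bits into bit 0 without ever recombining the shares. The 64-bit word width, the function names and the sample values are assumptions chosen for the example. Python is used only to check functional correctness of the share arithmetic; it says nothing about leakage, since Python offers no constant-time or register-level guarantees.

```python
import secrets
from functools import reduce

WORD = 64                     # share width; covers a 53-bit IEEE-754 double mantissa (assumed)
MASK = (1 << WORD) - 1


def xor_all(values):
    return reduce(lambda a, b: a ^ b, values, 0)


def share(x, n):
    """Split a public WORD-bit value into n Boolean shares whose XOR is x.
    n = masking order + 1 (2 shares for first order, 3 for second order)."""
    s = [secrets.randbits(WORD) for _ in range(n - 1)]
    s.append(xor_all(s) ^ (x & MASK))
    return s


def unshare(s):
    """Recombine shares. For demo/test only; a masked implementation never does this mid-computation."""
    return xor_all(s)


def sec_xor(a, b):
    """Masked XOR is linear: share-wise, no randomness, no cross-share terms."""
    return [ai ^ bi for ai, bi in zip(a, b)]


def sec_not(a, bits=MASK):
    """Masked NOT of the selected bits: complement a single share."""
    return [a[0] ^ bits] + a[1:]


def sec_shr(a, k):
    """Logical right shift by a public k is linear over GF(2): shift every share."""
    return [ai >> k for ai in a]


def sec_and(a, b):
    """ISW masked AND (Ishai-Sahai-Wagner), bitsliced across the WORD bits.
    With t+1 shares and fresh randomness r this gadget is t-SNI, the property the
    abstract says the thesis proves for its own gadgets. The bracketing of the
    correction term is part of the security argument and must not be reordered."""
    n = len(a)
    c = [a[i] & b[i] for i in range(n)]
    for i in range(n):
        for j in range(i + 1, n):
            r = secrets.randbits(WORD)
            c[i] ^= r
            c[j] ^= (r ^ (a[i] & b[j])) ^ (a[j] & b[i])
    return c


def sec_or(a, b):
    """a | b == ~(~a & ~b): one masked AND plus three linear complements."""
    return sec_not(sec_and(sec_not(a), sec_not(b)))


def sec_nonzero(x):
    """Masked nonzero check: OR-fold all WORD bits into bit 0 using only masked ORs
    and linear shifts, so the secret value is never reconstructed.
    Returns shares of a 1-bit flag that is 1 iff the shared value is nonzero."""
    y = x
    k = WORD // 2
    while k >= 1:
        y = sec_or(y, sec_shr(y, k))
        k //= 2
    return [yi & 1 for yi in y]


def sec_eq(a, b):
    """Masked equality test: a == b  <=>  (a ^ b) == 0."""
    return sec_not(sec_nonzero(sec_xor(a, b)), bits=1)


def sec_sticky(mant, k):
    """Sticky bit for a right alignment shift by a public k: the OR of the bits shifted
    out, i.e. a nonzero check on the low k bits (ANDing with a public constant is linear)."""
    low = [mi & ((1 << k) - 1) for mi in mant]
    return sec_nonzero(low)


if __name__ == "__main__":
    # Constructed sample values: zero, a small value, a lone mantissa MSB, all ones.
    for order in (1, 2):
        for v in (0, 1, 1 << 52, MASK):
            flag = unshare(sec_nonzero(share(v, order + 1)))
            assert flag == int(v != 0), (order, v, flag)
    print("masked nonzero check agrees with the unmasked result at orders 1 and 2")
```

The nonzero check costs log2(WORD) masked ANDs, each needing n(n-1)/2 fresh random words, which is why the abstract reports random-byte counts alongside cycle counts: randomness, not the bit operations, dominates the cost of higher-order gadgets of this kind.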
URI: | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/91420 |
DOI: | 10.6342/NTU202304508 |
Full-text access: | Authorized (restricted to on-campus access) |
Appears in collections: | Department of Electrical Engineering |
Files in this item:
File | Size | Format |
---|---|---|
ntu-112-1.pdf (restricted to NTU campus IP addresses; use the VPN service from off campus) | 2.01 MB | Adobe PDF |
Items in this repository are protected by copyright, with all rights reserved, unless otherwise indicated.