IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Online ISSN : 1745-1337
Print ISSN : 0916-8508
Special Section on Cryptography and Information Security
Practical Randomness Effects on Physical Security in Second-Order Threshold Implementation of AES
Maki TSUKAHARA, Yusaku HARADA, Haruka HIRATA, Daiki MIYAHARA, Yang LI, Yuko HARA-AZUMI, Kazuo SAKIYAMA

2025 Volume E108.A Issue 3 Pages 193-206

Abstract

Physical attacks against cryptographic hardware have become a major threat. For example, side-channel attacks (SCAs) exploit information leakage from power consumption and electromagnetic radiation during encryption to recover secret keys. We recognize them as a powerful threat because attackers can conduct them using relatively inexpensive equipment. Thus, embedded systems based on cryptographic hardware need to be secure against SCAs. Threshold Implementation (TI) is widely studied as an effective countermeasure against SCAs. Each sensitive intermediate value is divided into multiple values called shares using random bits, and the cryptographic algorithm is computed on the shares so that it is realized securely. TI requires three important properties for secure computation: correctness, non-completeness, and uniformity. Note that non-linear operations, e.g., the AES S-box, cannot preserve perfect uniformity. To compensate for the lack of uniformity, the intermediate values must be re-masked using a large amount of fresh random numbers, a process called refreshing. Therefore, implementing TI requires random numbers from random number generators (RNGs), but the security requirements for randomness in such RNGs are not yet well discussed. In this paper, we investigate the impact of practical randomness on security against SCAs. More specifically, we implement AES hardware protected by second-order TI on an FPGA to evaluate the security in cases where the random number used for dividing the secret value into shares is fixed or random. Furthermore, we also explore information leakage in the case where randomized or fixed seed values are sent to the RNG used in refreshing or where the frequency of random number updates is reduced. Based on these results, we discuss practical randomness suitable for TI-based hardware countermeasures.
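The sharing step described in the abstract, as an added Python illustration that is not the authors' code and does not reproduce their FPGA measurements. It assumes three Boolean shares of one byte, a Hamming-weight leakage model, and constructed mask constants, and compares masks drawn uniformly with masks that are never updated.

```python
# Added illustration (assumptions: 3 Boolean shares, Hamming-weight leakage model).
from collections import Counter
from itertools import product


def share(secret, masks):
    """Split a byte into len(masks)+1 Boolean shares; the last share absorbs the masks."""
    last = secret
    for m in masks:
        last ^= m
    return (*masks, last)


def unshare(shares):
    """Correctness property: XOR of all shares gives back the secret."""
    out = 0
    for s in shares:
        out ^= s
    return out


def hw(x):
    """Hamming weight, used here as a stand-in for what a power probe observes."""
    return bin(x).count("1")


def observed(secret, mask_source, probes):
    """Exact distribution of the probed shares' Hamming weights for one secret,
    taken over every mask tuple the source can emit."""
    return Counter(
        tuple(hw(share(secret, m)[i]) for i in probes) for m in mask_source
    )


def leaks(mask_source, probes, secrets=(0x00, 0xFF, 0x53)):
    """True if the observation distribution differs between secrets."""
    dists = [observed(s, mask_source, probes) for s in secrets]
    return any(d != dists[0] for d in dists[1:])


# Ideal RNG: every pair of mask bytes is equally likely.
FRESH = list(product(range(256), repeat=2))
# Constructed constants modelling masks that are fixed instead of random.
FIXED = [(0x3C, 0xA4)]

if __name__ == "__main__":
    print("fresh masks, 1 probe :", leaks(FRESH, (2,)))       # False
    print("fresh masks, 2 probes:", leaks(FRESH, (0, 2)))     # False
    print("fixed masks, 1 probe :", leaks(FIXED, (2,)))       # True
```

With uniform masks, any one or two shares are distributed identically for every secret; with fixed masks, a single share already depends on the secret.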

© 2025 The Institute of Electronics, Information and Communication Engineers