1. CAPA: The Spirit of Beaver against Physical Attacks 2018 Crypto Hardware
    Oscar Reparaz and Lauren De Meyer and Begül Bilgin and Victor Arribas and Svetla Nikova and Ventzislav Nikov and Nigel Smart
    [View PDF on eprint.iacr.org]
    [Show BibTex Citation]

    @misc{cryptoeprint:2017:1195,
    author = {Oscar Reparaz and Lauren De Meyer and Begül Bilgin and Victor Arribas and Svetla Nikova and Ventzislav Nikov and Nigel Smart},
    title = {CAPA: The Spirit of Beaver against Physical Attacks},
    howpublished = {Cryptology ePrint Archive, Report 2017/1195},
    year = {2017},
    note = {\url{https://eprint.iacr.org/2017/1195}},
    }

In this paper we introduce two things: On one hand we introduce the Tile-Probe-and-Fault model, a model generalising the wire-probe model of Ishai et al. extending it to cover both more realistic side-channel leakage scenarios on a chip and also to cover fault and combined attacks. Secondly we introduce CAPA: a combined Countermeasure Against Physical Attacks. Our countermeasure is motivated by our model, and aims to provide security against higher-order SCA, multiple-shot FA and combined attacks. The tile-probe-and-fault model leads one to naturally look (by analogy) at actively secure multi-party computation protocols. Indeed, CAPA draws much inspiration from the MPC protocol SPDZ. So as to demonstrate that the model, and the CAPA countermeasure, are not just theoretical constructions, but could also serve to build practical countermeasures, we present initial experiments of proof-of-concept designs using the CAPA methodology. Namely, a hardware implementation of the KATAN and AES block ciphers, as well as a software bitsliced AES S-box implementation. We demonstrate experimentally that the design can resist second-order DPA attacks, even when the attacker is presented with many hundreds of thousands of traces. In addition our proof-of-concept can also detect faults within our model with high probability in accordance to the methodology.

  1.