Paper 2025/455
StaMAC: Fault Protection via Stable-MAC Tags
Abstract
Fault attacks pose a significant threat to cryptographic implementations, motivating the development of countermeasures, primarily based on a combination of redundancy and masking techniques. Redundancy, in these countermeasures, is often implemented via duplication or linear codes. However, their inherent structure remains susceptible to strategic fault injections bypassing error checks. To address this, the CAPA countermeasure from CRYPTO 2018 leveraged information-theoretic MAC tags for protection against fault and combined attacks. However, a recent attack has shown that CAPA can only protect against either side-channel analysis or fault attacks, but not both simultaneously, and with significant hardware costs. Its successor, M&M, improves efficiency but lacks protection against ineffective faults. In this paper, we propose StaMAC, a framework aimed at securely incorporating MAC tags against both side-channel and fault adversaries in a non-combined scenario. We extend the security notions outlined in StaTI from TCHES 2024, and propose the notion of MAC-stability, ensuring fault propagation in masked and MACed circuits, necessitating only a single error check at the end of the computation. Additionally, we show that the stability notion from StaTI is arbitrarily composable (whereas it was previously thought to be only serially composable), making it the first arbitrarily composable fault security notion which does not require intermediate error checks or correction. Then, we establish the improved protection of masking combined with MAC tags compared to linear encoding techniques by showing bounds on the advantage considering several fault adversaries: a gate/register faulting adversary, an arbitrary register faulting adversary, and a random register faulting adversary. Then, we show how to transform any probing secure circuit to protect against fault attacks using the proposed MAC-stable gadgets implementing field operations.
Finally, we demonstrate StaMAC on an AES implementation, evaluating its security and hardware costs compared to the countermeasures using MAC tags.
Metadata
- Available format(s): PDF
- Category: Implementation
- Publication info: Preprint.
- Keywords: Fault attacks, SIFA
- Contact author(s): artemii ovchinnikov @ esat kuleuven be, dilara toprakhisar @ esat kuleuven be
- History: 2025-03-12: approved; 2025-03-11: received
- Short URL: https://ia.cr/2025/455
- License: CC BY
BibTeX
@misc{cryptoeprint:2025/455,
      author = {Siemen Dhooghe and Artemii Ovchinnikov and Dilara Toprakhisar},
      title = {{StaMAC}: Fault Protection via Stable-{MAC} Tags},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/455},
      year = {2025},
      url = {https://eprint.iacr.org/2025/455}
}