<!DOCTYPE html> <html lang="en-us" xml:lang="en-us"> <head> <meta charset="utf-8" /> <title>Masked Circuits for Block-Ciphers | CSRC</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <meta http-equiv="content-style-type" content="text/css" /> <meta http-equiv="content-script-type" content="text/javascript" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="msapplication-config" content="/CSRC/Media/images/favicons/browserconfig.xml" /> <meta name="theme-color" content="#000000" /> <meta name="google-site-verification" content="xbrnrVYDgLD-Bd64xHLCt4XsPXzUhQ-4lGMj4TdUUTA" /> <meta name="description" content="A main goal of circuit masking is to make more difficult the illegitimate exfiltration of secrets from a circuit evaluation. Masking schemes use secret-sharing of the input bits of a circuit and recompile the circuit logic to ensure that important..." /> <!-- dcterms meta information --> <meta name="dcterms.title" content="Masked Circuits for Block-Ciphers | CSRC | CSRC" /> <meta name="dcterms.description" content="A main goal of circuit masking is to make more difficult the illegitimate exfiltration of secrets from a circuit evaluation. Masking schemes use secret-sharing of the input bits of a circuit and recompile the circuit logic to ensure that important..." /> <meta name="dcterms.creator" content="Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology, U.S. Department of Commerce" /> <meta name="dcterms.date.created" scheme="ISO8601" content="2021-05-12" /> <meta name="dcterms.date.reviewed" scheme="ISO8601" content="2024-02-05" /> <meta name="dcterms.language" scheme="DCTERMS.RFC1766" content="EN-US" /> <!-- Facebook OpenGraph Tags --> <meta name="og:site_name" content="CSRC | NIST" /> <meta name="og:type" content="article" /> <meta name="og:url" content="https://csrc.nist.gov/projects/masked-circuits" /> <meta name="og:title" content="Masked Circuits for Block-Ciphers | CSRC | CSRC" /> <meta name="og:description" content="A main goal of circuit masking is to make more difficult the illegitimate exfiltration of secrets from a circuit evaluation. Masking schemes use secret-sharing of the input bits of a circuit and recompile the circuit logic to ensure that important properties of the secret sharing remain across the circuit evaluation. After past exploratory steps to obtain feedback, the Masked Circuits (MC) project is not considering actions toward standardization. However, there is a plan to create a Masked Circuits Library (MCL), specified at the logic level, based on public submissions to a Call for Masked Circuits, planned to be issued later in 2024. Said library will be useful as a baseline for subsequent analysis. See details here. Upcoming (expected for the 2nd half of 2024): Public Call for Concrete Masked Circuits Documents in 2022: feedback 2021a compilation (updated 2022-Jan-27); project scope (2022-Jan-24) Technical note After a d-th order masking, the probing of up to d wires in a masked circuit should..." /> <meta name="article:tag" content="encryption" /> <meta name="article:published_time" content="2021-05-12" /> <meta name="article:modified_time" content="2024-02-05" /> <link rel="apple-touch-icon" sizes="180x180" href="/images/icons/apple-touch-icon.png" /> <link rel="icon" type="image/png" href="/images/icons/favicon-32x32.png" sizes="32x32" /> <link rel="icon" type="image/png" href="/images/icons/favicon-16x16.png" sizes="16x16" /> <link rel="manifest" href="/images/icons/manifest.json" /> <link rel="mask-icon" href="/images/icons/safari-pinned-tab.svg" color="#000000" /> <link href="/CSRC/Media/images/favicons/favicon.ico" type="image/x-icon" rel="shortcut icon" /> <link href="/CSRC/Media/images/favicons/favicon.ico" type="image/x-icon" rel="icon" /> <link href="/dist/app.css" rel="stylesheet" /> <!-- Highlight.js --> <link href="/dist/highlight-js/github.css" rel="stylesheet" /> <!-- USWDS Top --> <link href="/dist/uswds/css/uswds.css" type="text/css" rel="stylesheet" /> <script type="text/javascript" src="/dist/uswds/js/uswds-init.min.js"></script> <!-- reCAPTCHA v3 --> <style> .grecaptcha-badge { visibility: hidden; } </style> <script async type="text/javascript" id="_fed_an_ua_tag" src="https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=nist&subagency=csrc&pua=UA-66610693-15&yt=true&exts=xsd,xml,wav,mpg,mpeg,avi,rtf,webm,ogg,ogv,oga,map,otf,eot,svg,ttf,woff"></script> <style id="antiClickjackCss"> body > * { display: none !important; } #antiClickjack { display: block !important; } </style> <noscript> <style id="antiClickjackNoScript"> body > * { display: block !important; } #antiClickjack { display: none !important; } </style> </noscript> <script type="text/javascript" id="antiClickjackScript"> if (self === top) { // no clickjacking var antiClickjack = document.getElementById("antiClickjackCss"); antiClickjack.parentNode.removeChild(antiClickjack); } else { setTimeout(tryForward(), 5000); } function tryForward() { top.location = self.location; } </script> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-TSQ0PLGJZP"></script> <script> 聽聽window.dataLayer = window.dataLayer || []; 聽聽function gtag(){dataLayer.push(arguments);} 聽聽gtag('js', new Date()); 聽聽gtag('config', 'G-TSQ0PLGJZP'); </script> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-MZQC4NCJ');</script> <!-- End Google Tag Manager --> </head> <body> <!-- Google Tag Manager (noscript) --> <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-MZQC4NCJ" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <!-- End Google Tag Manager (noscript) --> <div id="antiClickjack" style="display: none;"> <strong style="font-size: 1.6rem;">You are viewing this page in an unauthorized frame window.</strong> <p>This is a potential security issue, you are being redirected to <a href="https://csrc.nist.gov">https://csrc.nist.gov</a>.</p> </div> <section class="usa-banner" aria-label="Official website of the United States government"> <div class="usa-accordion"> <header class="usa-banner__header"> <noscript> <p style="font-size: 0.85rem; font-weight: bold;">You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.</p> </noscript> <div class="usa-banner__inner"> <div class="grid-col-auto"> <img aria-hidden="true" class="usa-banner__header-flag" src="/dist/uswds/img/us_flag_small.png" alt=""/> </div> <div class="grid-col-fill tablet:grid-col-auto" aria-hidden="true"> <p class="usa-banner__header-text"> An official website of the United States government </p> <p class="usa-banner__header-action">Here鈥檚 how you know</p> </div> <button type="button" class="usa-accordion__button usa-banner__button" aria-expanded="false" aria-controls="gov-banner-default"> <span class="usa-banner__button-text">Here鈥檚 how you know</span> </button> </div> </header> <div class="usa-banner__content usa-accordion__content" id="gov-banner-default"> <div class="grid-row grid-gap-lg"> <div class="usa-banner__guidance tablet:grid-col-6"> <img class="usa-banner__icon usa-media-block__img" src="/dist/uswds/img/icon-dot-gov.svg" role="img" alt="" aria-hidden="true"/> <div class="usa-media-block__body"> <p> <strong>Official websites use .gov</strong><br/>A <strong>.gov</strong> website belongs to an official government organization in the United States. </p> </div> </div> <div class="usa-banner__guidance tablet:grid-col-6"> <img class="usa-banner__icon usa-media-block__img" src="/dist/uswds/img/icon-https.svg" role="img" alt="" aria-hidden="true"/> <div class="usa-media-block__body"> <p> <strong>Secure .gov websites use HTTPS</strong><br/>A <strong>lock</strong> ( <span class="icon-lock"> <svg xmlns="http://www.w3.org/2000/svg" width="52" height="64" viewBox="0 0 52 64" class="usa-banner__lock-image" role="img" aria-labelledby="banner-lock-description-default" focusable="false"> <title id="banner-lock-title-default">Lock</title> <desc id="banner-lock-description-default">Locked padlock icon</desc> <path fill="#000000" fill-rule="evenodd" d="M26 0c10.493 0 19 8.507 19 19v9h3a4 4 0 0 1 4 4v28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V32a4 4 0 0 1 4-4h3v-9C7 8.507 15.507 0 26 0zm0 8c-5.979 0-10.843 4.77-10.996 10.712L15 19v9h22v-9c0-6.075-4.925-11-11-11z"/> </svg> </span >) or <strong>https://</strong> means you鈥檝e safely connected to the .gov website. Share sensitive information only on official, secure websites. </p> </div> </div> </div> </div> </div> </section> <nav id="navbar" class="navbar"> <div id="nist-menu-container" class="container"> <div class="row"> <!-- Brand --> <div class="col-xs-6 col-md-4 navbar-header"> <a class="navbar-brand" href="https://www.nist.gov" target="_blank" id="navbar-brand-image"> <img src="/CSRC/media/images/svg/nist-logo.svg" alt="National Institute of Standards and Technology" width="110" height="30"> </a> </div> <div class="col-xs-6 col-md-8 navbar-nist-logo"> <div class="form-inline hidden-sm hidden-xs"> <form name="site-search" id="site-search-form" action="/search" method="GET"> <label for="search-csrc-query" class="element-invisible">Search</label> <input autocomplete="off" class="form-control" id="search-csrc-query" name="keywords" type="text" size="15" maxlength="128" placeholder="Search CSRC" /> <input type="hidden" name="ipp" value="25" /> <input type="hidden" name="sortBy" value="relevance" /> <input type="hidden" name="showOnly" value="publications,projects,news,events,presentations,glossary,topics" /> <input type="hidden" name="topicsMatch" value="ANY" /> <input type="hidden" name="status" value="Final,Draft" /> <button type="submit" id="search-csrc-submit-btn" class="form-submit"> <span class="element-invisible">Search</span> <i class="fa fa-search"></i> </button> </form> </div> <span id="nvd-menu-button" class="pull-right"> <a href="#" id="nvd-menu-button-link"> <span class="fa fa-bars"></span> <span id="nvd-menu-full-text">CSRC MENU</span> </a> </span> </div> </div> </div> <div class="form-inline hidden-md hidden-lg"> <form name="site-search-mobile" id="site-search-form-mobile" action="/search" method="GET"> <label for="search-csrc-query-mobile" class="element-invisible">Search</label> <input autocomplete="off" class="form-control" id="search-csrc-query-mobile" name="keywords" type="text" size="15" maxlength="128" placeholder="Search CSRC" /> <button type="submit" id="search-csrc-submit-btn-mobile" class="form-submit"> <span class="element-invisible">Search</span> <i class="fa fa-search"></i> </button> </form> </div> <div class="main-menu-row container"> <!-- Collect the nav links, forms, and other content for toggling --> <div id="main-menu-drop" class="col-lg-12" style="display: none;"> <ul> <li><a href="/projects">Projects</a></li> <li> <a href="/publications"> Publications <span class="expander fa fa-plus" id="main-menu-pubs-expander" data-expander-name="publications" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="publications" id="main-menu-pubs-expanded"> <div class="row"> <div class="col-lg-4"> <p><a href="/publications/drafts-open-for-comment">Drafts for Public Comment</a></p> <p><a href="/publications/draft-pubs">All Public Drafts</a></p> <p><a href="/publications/final-pubs">Final Pubs</a></p> <p><a href="/publications/fips">FIPS <small>(standards)</small></a></p> </div> <div class="col-lg-4"> <p><a href="/publications/sp">Special Publications (SP<small>s</small>)</a></p> <p><a href="/publications/ir">IR <small>(interagency/internal reports)</small></a></p> <p><a href="/publications/cswp">CSWP <small>(cybersecurity white papers)</small></a></p> <p><a href="/publications/itl-bulletin">ITL Bulletins</a></p> </div> <div class="col-lg-4"> <p><a href="/publications/project-description">Project Descriptions</a></p> <p><a href="/publications/journal-article">Journal Articles</a></p> <p><a href="/publications/conference-paper">Conference Papers</a></p> <p><a href="/publications/book">Books</a></p> </div> </div> </div> </li> <li> <a href="/topics"> Topics <span class="expander fa fa-plus" id="main-menu-topics-expander" data-expander-name="topics" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="topics" id="main-menu-topics-expanded"> <div class="row"> <div class="col-lg-4"> <p><a href="/Topics/Security-and-Privacy">Security & Privacy</a></p> <p><a href="/Topics/Applications">Applications</a></p> </div> <div class="col-lg-4"> <p><a href="/Topics/Technologies">Technologies</a></p> <p><a href="/Topics/Sectors">Sectors</a></p> </div> <div class="col-lg-4"> <p><a href="/Topics/Laws-and-Regulations">Laws & Regulations</a></p> <p><a href="/Topics/Activities-and-Products">Activities & Products</a></p> </div> </div> </div> </li> <li><a href="/news">News & Updates</a></li> <li><a href="/events">Events</a></li> <li><a href="/glossary">Glossary</a></li> <li> <a href="/about"> About CSRC <span class="expander fa fa-plus" id="main-menu-about-expander" data-expander-name="about" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="about" id="main-menu-about-expanded"> <div class="row"> <div class="col-lg-6"> <p> <strong><a href="/Groups/Computer-Security-Division">Computer Security Division</a></strong><br /> <ul> <li><a href="/Groups/Computer-Security-Division/Cryptographic-Technology">Cryptographic Technology</a></li> <li><a href="/Groups/Computer-Security-Division/Secure-Systems-and-Applications">Secure Systems and Applications</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Components-and-Mechanisms">Security Components and Mechanisms</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Engineering-and-Risk-Management">Security Engineering and Risk Management</a></li> <li><a href="/Groups/Computer-Security-Division/Security-Testing-Validation-and-Measurement">Security Testing, Validation, and Measurement</a></li> </ul> </p> </div> <div class="col-lg-6"> <p> <strong><a href="/Groups/Applied-Cybersecurity-Division">Applied Cybersecurity Division</a></strong><br /> <ul> <li><a href="/Groups/Applied-Cybersecurity-Division/Cybersecurity-and-Privacy-Applications">Cybersecurity and Privacy Applications</a></li> <li><a href="/Groups/Applied-Cybersecurity-Division/National-Cybersecurity-Center-of-Excellence">National Cybersecurity Center of Excellence (NCCoE)</a></li> <li><a href="https://www.nist.gov/nice/">National Initiative for Cybersecurity Education (NICE)</a></li> </ul> </p> <p> <a href="/contact"> Contact Us </a> </p> </div> </div> </div> </li> </ul> </div><!-- /#mobile-nav-container --> </div> </nav> <section id="itl-header" class="has-menu"> <div class="container"> <div class="row"> <div class="col-sm-12 col-md-8"> <div class="hidden-xs hidden-sm" id="itl-header-lg"> <a href="https://www.nist.gov/itl" target="_blank" id="itl-header-link">Information Technology Laboratory</a> </div> <div class="hidden-xs hidden-sm" id="csrc-header-lg"> <a href="/" id="csrc-header-link-lg">Computer Security Resource Center</a> </div> </div> <div class="col-sm-12 col-md-4"> <div class="hidden-xs hidden-sm hidden-md"> <a id="logo-csrc-lg" href="/"><img id="img-logo-csrc-lg" src="/CSRC/Media/images/nist-logo-csrc-white.svg" alt="CSRC Logo" class="csrc-header-logo"></a> </div> <div class="hidden-lg"> <a id="logo-csrc-sm" href="/"><img id="img-logo-csrc-sm" src="/CSRC/Media/images/nist-logo-csrc-white.svg" alt="CSRC Logo" class="csrc-header-logo"></a> </div> </div> </div> </div> </section> <div id="body-section" class="container"> <div class="breadcrumb"> <a href="/projects" class="breadcrumb-link">Projects</a> </div> <h1 id="projectName">Masked Circuits for Block-Ciphers</h1> <div class="page-social-buttons" id=&quot;news-social-buttons&quot;> <a href="https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcsrc.nist.gov%2Fprojects%2Fmasked-circuits" class="social-facebook"><i class="fa fa-facebook fa-fw" aria-hidden="true"></i><span class="sr-only">Share to Facebook</span></a> <a href="https://twitter.com/share?url=https%3A%2F%2Fcsrc.nist.gov%2Fprojects%2Fmasked-circuits" class="social-twitter"><i class="fa fa-twitter fa-fw" aria-hidden="true"></i><span class="sr-only">Share to Twitter</span></a> <a href="https://www.linkedin.com/shareArticle?mini=true&amp;url=https%3A%2F%2Fcsrc.nist.gov%2Fprojects%2Fmasked-circuits&amp;source=csrc.nist.gov" class="social-linked-in"><i class="fa fa-linkedin fa-fw" aria-hidden="true"></i><span class="sr-only">Share to LinkedIn</span></a> <a href="mailto:?subject=csrc.nist.gov&amp;body=Check out this site https://csrc.nist.gov/projects/masked-circuits" class="social-email"><i class="fa fa-envelope fa-fw" aria-hidden="true"></i><span class="sr-only">Share ia Email</span></a> </div> <div class="row visible-sm visible-xs visible-md"> <div class="col-sm-12"> <div class="bs-callout bs-callout-subnav" id="projectLinksContainer-sm"> <h4><i class="fa fa-link"></i> Project Links</h4> <div class="project-icons-container"> <span> <a href="/projects/masked-circuits" id="NavOverviewLink-sm"> <i class="fa fa-info-circle"></i> Overview </a> </span> <span> <a href="/Projects/masked-circuits/events" id="NavEventsLink-sm" data-count="1"> <i class="fa fa-calendar-o"></i> Events </a> </span> <span> <a href="/Projects/masked-circuits/publications" id="NavPubsLink-sm" data-count="4"> <i class="fa fa-file-text"></i> Publications </a> </span> <span> <a href="/Projects/masked-circuits/presentations" id="NavPresLink-sm" data-count="4"> <i class="fa fa-desktop"></i> Presentations </a> </span> </div> </div> </div> </div> <div class="row"> <div class="col-lg-8 col-sm-12"> <h3>Overview</h3> <div id="overview"> <p><strong>A main goal of circuit masking is to make more difficult the illegitimate exfiltration of secrets from a circuit evaluation. </strong>Masking schemes use secret-sharing of the input bits of a circuit and recompile the circuit logic to ensure that important properties of the secret sharing remain across the circuit evaluation.</p> <p>After past exploratory steps to obtain feedback, <strong>the Masked Circuits (MC) project is not considering actions toward standardization. However, there is a plan to create a Masked Circuits Library </strong>(MCL), specified at the logic level, based on public submissions to a <strong>Call for Masked Circuits</strong>, planned to be issued later in 2024. Said library will be useful as a baseline for subsequent analysis. See details <a href="/csrc/media/Projects/masked-circuits/documents/Masked-Circuits-Scope-2022a.pdf"><strong>here</strong></a>.</p> <div class="alert alert-success" role="alert"><strong>Upcoming (expected for the 2nd half of 2024): Public Call for Concrete Masked Circuits</strong></div> <div class="alert alert-info" role="alert"><strong>Documents in 2022:</strong> <a href="/csrc/media/Projects/masked-circuits/documents/Masked-Circuits-Feedback-2021a-Compilation-v20220127.pdf">feedback 2021a compilation</a> (updated 2022-Jan-27); <a href="/csrc/media/Projects/masked-circuits/documents/Masked-Circuits-Scope-2022a.pdf">project scope</a> (2022-Jan-24)</div> <div aria-multiselectable="true" class="panel-group" id="collapse1706953126911" role="tablist"> <div class="panel panel-default"> <div class="panel-heading" id="heading1706953126911_1" role="tab"> <div class="panel-title"><a aria-controls="collapse1706953126911_1" aria-expanded="false" class="collapsed" data-parent="#collapse1706953126911" data-target="#collapse1706953126911_1" data-toggle="collapse" href="javascript:void(0)">Technical note </a></div> </div> <div aria-labelledby="heading1706953126911_1" class="collapse panel-collapse" id="collapse1706953126911_1" role="tabpanel"> <div class="panel-body"> <p>After a <em>d</em>-th order masking, the probing of up to <em>d </em>wires in a masked circuit should not reveal information about the logical value of the secret bits in the original circuit. However, various attack models exist and masking does not provide resistance against all conceivable attacks. For example, glitches during the evaluation of a circuit introduce some complications.</p> <p>In noisy leakage scenarios, a potential effect of masking is to enhance resistance against an adversary that can analyze aggregate measures (traces) of power during a circuit evaluation. However, the attained (or not) side-channel resistance depends on the implementation.</p> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1706953126911_2" role="tab"> <div class="panel-title"><a aria-controls="collapse1706953126911_2" aria-expanded="false" class="collapsed" data-parent="#collapse1706953126911" data-target="#collapse1706953126911_2" data-toggle="collapse" href="javascript:void(0)">Project context </a></div> </div> <div aria-labelledby="heading1706953126911_2" class="collapse panel-collapse" id="collapse1706953126911_2" role="tabpanel"> <div class="panel-body"> <p>In 2018/2019, the NIST "Threshold Cryptography" (TC) project considered <strong>circuit masking</strong> as a technique of potential interest [<a href="http://csrc.nist.gov/publications/detail/nistir/8214/final">NISTIR 8214</a>] for exploration from a standardization perspective. The TC project considered two separate tracks: single-device and multi-party [<a href="http://csrc.nist.gov/publications/detail/nistir/8214A/final">NISTIR 8214A</a>]. The relation between <strong>masking</strong> and <strong>"threshold"</strong> is that masking schemes usually use secret-sharing (a fundamental technique in threshold cryptography) to satisfy a threshold property with regard to reconstruction of secret data carried in circuit wires.</p> <p>In 2021, the TC project split into the <strong>masked circuits</strong> (MC) project (a rebranding of the TC single-device setting) and the MPTC project (covering multi-party threshold schemes). Then, after a <a href="/csrc/media/Projects/masked-circuits/documents/Masked-Circuits-call-feedback-2021.pdf">call for feedback</a> in June 2021, the <a href="http://csrc.nist.gov/csrc/media/Projects/masked-circuits/documents/Masked-Circuits-Scope-2022a.pdf">MC project scope was redefined</a> in January 2022, positioning a goal to collecting reference material in the form of concrete masked circuits, to constitute a Masked Circuits Library (MCL) that will serve as an open reference for use by the community. It is expected that a corresponding call for masked circuits will be issued in the 2nd half of 2024.</p> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1706953126911_3" role="tab"> <div class="panel-title"><a aria-controls="collapse1706953126911_3" aria-expanded="false" class="collapsed" data-parent="#collapse1706953126911" data-target="#collapse1706953126911_3" data-toggle="collapse" href="javascript:void(0)">Public feedback </a></div> </div> <div aria-labelledby="heading1706953126911_3" class="collapse panel-collapse" id="collapse1706953126911_3" role="tabpanel"> <div class="panel-body">Early public feedback about the single-device threshold setting was received in talks at the <a href="https://csrc.nist.gov/Events/2019/NTCW19">NTCW 2019 workshop</a> (sessions II.1 and II.2), comments provided for NISTIR <a href="https://csrc.nist.gov/publications/detail/nistir/8214/final">8214</a> (see the <a href="https://csrc.nist.gov/CSRC/media/Publications/nistir/8214/final/documents/nistir-8214-diff-comments-received.pdf">diff</a>) and <a href="https://csrc.nist.gov/publications/detail/nistir/8214A/final">8214A</a> (see the <a href="https://csrc.nist.gov/CSRC/media/Publications/nistir/8214a/final/documents/nistir-8214a-diff-comments-received.pdf">diff</a>) and at a related <a href="https://www.esat.kuleuven.be/cosic/events/tis-online-workshop/">workshop</a> organized by K.U. Leuven (July 2020). <p>The Masked Circuits <a href="/csrc/media/Projects/masked-circuits/documents/Masked-Circuits-call-feedback-2021.pdf">call for feedback</a> issued in June 2021 (open till 2021-Sep-06) received diverse <a href="/csrc/media/Projects/masked-circuits/documents/Masked-Circuits-Feedback-2021a-Compilation-v20220127.pdf">comments</a>. Some summary notes:&nbsp;</p> <ul> <li>Some comments from Industry convey that the glitch-extended probing model is overkill (too strong as a baseline for security requirements of masking), as real application scenarios might do well with other models that enable cheaper solutions with better performance. Also, Industry comments there are tools to verify design compliance with intended masking, but testing is still necessary to measure leakage / side-channel resistance in hardware.&nbsp;</li> <li>Some comments from Academia appeal for masking schemes that can be based on composable gadgets and be easily extended to higher-orders, and convey that efficiency can still be improved.</li> <li>Other comments mentioned the existence of standards (ISO/IEC) already in place for assessing the security level of cryptographic implementations.</li> </ul> <p>The received feedback did not reveal a consensus about the utility of standardizing concrete masking techniques. Yet, there is a recognized potential value for circuit masking. As a result, the project will focus on a stage of collecting reference material in the form of concrete masked circuits, to constitute a masked circuits library, to serve as an open reference for use by the community.</p> <p>Some talks of related interest have also been hosted by the NIST Crypto Reading Club: <a href="https://csrc.nist.gov/presentations/2021/crypto-club-2021-side-channels-1">2021-Nov-17</a>, <a href="https://csrc.nist.gov/presentations/2021/crypto-club-2021-side-channels-2">2021-Dec-01</a>, <a href="https://csrc.nist.gov/Presentations/2022/crclub-2022-06-29">2022-Jun-29</a>.</p> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading" id="heading1706953126911_4" role="tab"> <div class="panel-title"><a aria-controls="collapse1706953126911_4" aria-expanded="false" class="collapsed" data-parent="#collapse1706953126911" data-target="#collapse1706953126911_4" data-toggle="collapse" href="javascript:void(0)">Upcoming </a></div> </div> <div aria-labelledby="heading1706953126911_4" class="collapse panel-collapse" id="collapse1706953126911_4" role="tabpanel"> <div class="panel-body"> <p><strong>Current project phase. </strong>The project is <a href="/csrc/media/Projects/masked-circuits/documents/Masked-Circuits-Scope-2022a.pdf">positioned</a> to issue a <strong>call for masked circuits</strong> (specified at the logical level). This is expected for sometime after the NIST Threshold Call, later in 2024). In summary, the project plans to collect reference material in the form of concrete masked circuits, to constitute a masked circuits library (MCL), to serve as an open reference for use by the community. The organization of the MCL, to be based on public contributions, will be performed in collaboration with the NIST circuit complexity project. There is an initial focus on circuits for AES, but with time it will be extended to other primitives represented in the form of vectorial Boolean functions.</p> <p><strong>Vision:</strong> In the future, the MCL will serve as a basis for comparative analyses of side-channel leakage and resistance for certain physical implementations. However, said testing and evaluation is currently out of scope for this project. Also, at this stage this project is not considering actions toward standardization.</p> <p><strong>Potential future discussions</strong>, after gathering a baseline MCL, may consider:</p> <ul> <li><strong>Algorithm vs. implementation profiles:</strong> the masking techniques are defined at the algorithmic level, but their effectiveness relies on some hardware implementation assumptions. It is useful to characterize the implementation profiles for which the proposed techniques will improve resistance against side-channel attacks.</li> <li><strong>Usefulness to the industry:</strong> the success of new standards will depend on an alignment with not only improved security but also their adoptability by the industry.</li> </ul> </div> </div> </div> </div> </div> </div> <div class="col-lg-4 hidden-xs hidden-sm hidden-md"> <div class="project-nav-container"> <div class="bs-callout bs-callout-subnav" id="projectLinksContainer-lg"> <h4><i class="fa fa-link"></i> Project Links</h4> <div class="project-icons-container"> <span> <a href="/projects/masked-circuits" id="SideNavOverviewLink"> <i class="fa fa-info-circle"></i> Overview </a> </span> <span> <a href="/Projects/masked-circuits/events" id="SideNavEventsLink" data-count="1"> <i class="fa fa-calendar-o"></i> Events </a> </span> <span> <a href="/Projects/masked-circuits/publications" id="SideNavPubsLink" data-count="4"> <i class="fa fa-file-text"></i> Publications </a> </span> <span> <a href="/Projects/masked-circuits/presentations" id="SideNavPresLink" data-count="4"> <i class="fa fa-desktop"></i> Presentations </a> </span> </div> <h4>Additional Pages</h4> <div id="projectPagesCallout-lg"> <a class="csrc-add-page" data-node-level="0" data-node-order="2" href="/Projects/masked-circuits/email-list" id="projPage0" style="border-left: solid 0rem transparent;">Email List (MC-Forum)</a> </div> </div> </div> <div class="bs-callout bs-callout-success" id="contactsCallout-lg"> <h4><i class="fa fa-user"></i> Contacts</h4> <p id="projContact0"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Reach the</span> <span data-field='lastname'>masked circuits team at</span> </strong><br/><a href='mailto:masked-circuits@nist.gov' data-field='email'>masked-circuits@nist.gov</a><br/></span></p> <p id="projContact1"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Ren茅</span> <span data-field='lastname'>Peralta</span> </strong><br/></span></p> <p id="projContact2"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Lu铆s</span> <span data-field='lastname'>T. A. N. Brand茫o</span> </strong><br/></span></p> </div> <div class="bs-callout bs-callout-danger" id="owningGroupCallout-lg"> <h4><i class="fa fa-sitemap"></i> Group</h4> <a href="/Groups/Computer-Security-Division">Computer Security Division</a> </div> <div class="bs-callout bs-callout-danger" id="topicsCallout-lg"> <h4><i class="fa fa-tag"></i> Topics</h4> <p> <strong id="catName0-lg">Security and Privacy:</strong> <a id="catTopLink0-0-lg" href="/Topics/Security-and-Privacy/cryptography/encryption">encryption</a> </p> </div> <div class="bs-callout bs-callout-warning" id="relatedProjectsCallout-lg"> <h4>Related Projects</h4> <a href="/Projects/block-cipher-techniques" id="relProjLink0">Block Cipher Techniques</a><br/> <a href="/Projects/circuit-complexity" id="relProjLink1">Circuit Complexity</a><br/> <a href="/Projects/lightweight-cryptography" id="relProjLink2">Lightweight Cryptography</a><br/> </div> </div> </div> <div class="row visible-sm visible-xs visible-md"> <div class="col-sm-12"> <div class="bs-callout bs-callout-subnav" id="projectPagesCallout-sm"> <h4>Additional Pages</h4> <p> <a class="csrc-add-page" data-node-level="0" data-node-order="2" href="/Projects/masked-circuits/email-list" id="projPage0-sm" style="border-left: solid 0rem transparent;">Email List (MC-Forum)</a> </p> </div> <div class="bs-callout bs-callout-subnav" id="contactsCallout-sm"> <h4><i class="fa fa-user"></i> Contacts</h4> <p style="padding-left: 15px;"> <span id="projContact0-sm"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Reach the</span> <span data-field='lastname'>masked circuits team at</span> </strong><br/><a href='mailto:masked-circuits@nist.gov' data-field='email'>masked-circuits@nist.gov</a><br/></span></span><br/> <span id="projContact1-sm"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Ren茅</span> <span data-field='lastname'>Peralta</span> </strong><br/></span></span><br/> <span id="projContact2-sm"><span class='contact-display'><strong data-field='full-name'> <span data-field='firstname'>Lu铆s</span> <span data-field='lastname'>T. A. N. Brand茫o</span> </strong><br/></span></span><br/> </p> </div> <div class="bs-callout bs-callout-danger" id="owningGroupCallout-sm"> <h4><i class="fa fa-sitemap"></i> Group</h4> <a href="/Groups/Computer-Security-Division">Computer Security Division</a> </div> <div class="bs-callout bs-callout-danger" id="topicsCallout-sm"> <h4><i class="fa fa-tag"></i> Topics</h4> <p> <strong id="catName0-sm">Security and Privacy:</strong> <a id="catTopLink0-0-sm" href="/Topics/Security-and-Privacy/cryptography/encryption">encryption</a> </p> </div> <div class="bs-callout bs-callout-warning" id="relatedProjectsCallout-sm"> <h4>Related Projects</h4> <p> <a href="/Projects/block-cipher-techniques" id="relProjLink0-sm">Block Cipher Techniques</a><br/> <a href="/Projects/circuit-complexity" id="relProjLink1-sm">Circuit Complexity</a><br/> <a href="/Projects/lightweight-cryptography" id="relProjLink2-sm">Lightweight Cryptography</a><br/> </p> </div> </div> </div> <div class="row"> <div class="col-md-12 historical-data-area" id="historical-data-area"> <span>Created <span id="page-created-date">May 12, 2021</span>, Updated <span id="page-updated-date">February 05, 2024</span></span> </div> </div> <div id="footer-pusher"></div> </div> <footer id="footer"> <div class="container"> <div class="row"> <div class="col-sm-6"> <span class="hidden-xs"> <a href="https://www.nist.gov" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo" id="footer-nist-logo-link"> <img src="/CSRC/Media/images/nist-logo-brand-white.svg" alt="National Institute of Standards and Technology logo" id="footer-nist-logo" /> </a> </span> <div class="row footer-contact-container"> <div class="col-sm-12" id="footer-address"> <strong>HEADQUARTERS</strong><br> 100 Bureau Drive<br> Gaithersburg, MD 20899 </div> </div> </div> <div class="col-sm-6"> <ul class="social-list text-right" style="display: block;"> <li class="field-item service-twitter list-horiz"> <a href="https://twitter.com/NISTCyber" class="social-btn social-btn--large extlink ext" id="footer-social-twitter-link"> <i class="fa fa-twitter fa-fw"><span class="element-invisible">twitter</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-facebook list-horiz"> <a href="https://www.facebook.com/NIST" class="social-btn social-btn--large extlink ext" id="footer-social-facebook-link"> <i class="fa fa-facebook fa-fw"><span class="element-invisible">facebook</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-linkedin list-horiz"> <a href="https://www.linkedin.com/company/nist" class="social-btn social-btn--large extlink ext" id="footer-social-linkedin-link"> <i class="fa fa-linkedin fa-fw"><span class="element-invisible">linkedin</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-instagram list-horiz"> <a href="https://www.instagram.com/usnistgov/" class="social-btn social-btn--large extlink ext" id="footer-social-instagram-link"> <i class="fa fa-instagram fa-fw"><span class="element-invisible">instagram</span></i> <span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-youtube list-horiz"> <a href="https://www.youtube.com/user/USNISTGOV" class="social-btn social-btn--large extlink ext" id="footer-social-youtube-link"> <i class="fa fa-youtube fa-fw"><span class="element-invisible">youtube</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> <li class="field-item service-rss list-horiz"> <a href="https://www.nist.gov/news-events/nist-rss-feeds" class="social-btn social-btn--large extlink" id="footer-social-rss-link"> <i class="fa fa-rss fa-fw"><span class="element-invisible">rss</span></i> </a> </li> <li class="field-item service-govdelivery list-horiz last"> <a href="https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" class="social-btn social-btn--large extlink ext" title="Subscribe to CSRC and publication updates, and other NIST cybersecurity news" id="footer-social-govdelivery-link"> <i class="fa fa-envelope fa-fw"><span class="element-invisible">govdelivery</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a> </li> </ul> <p class="text-right"> Want updates about CSRC and our publications? <a href="https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" class="btn btn-lg btn-primary" style="background-color: #12659c!important; border-color: #12659c!important;" id="footer-subscribe-link">Subscribe</a> </p> </div> </div> <div class="row hidden-sm hidden-md hidden-lg"> <div class="col-sm-12"> <a href="https://www.nist.gov" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo" id="footer-bottom-nist-logo-link"> <img src="/CSRC/Media/images/logo_rev.png" alt="National Institute of Standards and Technology logo" id="footer-bottom-nist-logo" /> </a> </div> </div> <div class="row"> <div class="col-sm-6"> <p> <a href="/about/contact" id="footer-contact-us-link">Contact Us</a> | <a href="https://www.nist.gov/about-nist/visit" style="display: inline-block;" id="footer-org-link">Our Other Offices</a> </p> </div> <div class="col-sm-6"> <span class="pull-right text-right"> Send inquiries to <a href="mailto:csrc-inquiry@nist.gov?subject=CSRC Inquiry" style="display: inline-block;" id="footer-inquiries-link">csrc-inquiry@nist.gov</a> </span> </div> </div> <div class="row"> <div class="footer-bottom-links-container" id="footer-bottom-links-container"> <ul> <li><a href="https://www.nist.gov/privacy-policy">Site Privacy</a></li> <li><a href="https://www.nist.gov/oism/accessibility">Accessibility</a></li> <li><a href="https://www.nist.gov/privacy">Privacy Program</a></li> <li><a href="https://www.nist.gov/oism/copyrights">Copyrights</a></li> <li><a href="https://www.commerce.gov/vulnerability-disclosure-policy">Vulnerability Disclosure</a></li> <li><a href="https://www.nist.gov/no-fear-act-policy">No Fear Act Policy</a></li> <li><a href="https://www.nist.gov/foia">FOIA</a></li> <li><a href="https://www.nist.gov/environmental-policy-statement">Environmental Policy</a></li> <li><a href="https://www.nist.gov/summary-report-scientific-integrity">Scientific Integrity</a></li> <li><a href="https://www.nist.gov/nist-information-quality-standards">Information Quality Standards</a></li> <li><a href="https://www.commerce.gov/">Commerce.gov</a></li> <li><a href="https://www.science.gov/">Science.gov</a></li> <li><a href="https://www.usa.gov/">USA.gov</a></li> <li><a href="https://vote.gov/">Vote.gov</a></li> </ul> </div> </div> </div> </footer> <script type="text/javascript" src="/dist/js/quick-collapse.js"></script> <script type="text/javascript" src="/dist/app.bundle.js"></script> <!-- USWDS Bottom --> <script type="text/javascript" src="/dist/uswds/js/uswds.min.js"></script> <script type="text/javascript" src="/dist/projects.bundle.js"></script> </body> </html>