CocoAlma: A Versatile Masking Verifier

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Masking techniques are an effective countermeasure against power side-channel attacks.
Unfortunately, correctly masking a hardware circuit is difficult, and mistakes may lead to functionally correct circuits with insufficient protection.
We present CocoAlma, a tool that formally verifies the side-channel resistance of stateful hardware circuits.
Although CocoAlma was initially used to verify programs running on CPUs, we extended it to verify the security of several industrial masked hardware implementations.
We give an overview of the tool's structure, implementation details, optimizations that make it faster and more scalable than its predecessor Rebecca, and changes that enable verifying the probing security of any stateful hardware circuit.
Finally, we evaluate CocoAlma with masked implementations of the Prince and AES ciphers.
Original languageEnglish
Title of host publicationProceedings of the 21st Formal Methods in Computer-Aided Design, FMCAD 2021
EditorsRuzica Piskac, Michael W. Whalen, Warren A. Hunt, Georg Weissenbacher
Number of pages10
ISBN (Electronic)978-3-85448-046-4
Publication statusPublished - 9 Jul 2021
Event21st International Conference on Formal Methods in Computer-Aided Design: FMCAD 2021 - Online, Virtuell, Austria
Duration: 18 Oct 202122 Oct 2021

Publication series

NameProceedings of the 21st Formal Methods in Computer-Aided Design, FMCAD 2021


Conference21st International Conference on Formal Methods in Computer-Aided Design
Abbreviated titleFMCAD 2021
Internet address


  • Side Channels
  • Hardware Masking
  • Formal Verification
  • Side-channels
  • Hardware masking
  • Formal verification

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Graphics and Computer-Aided Design


Dive into the research topics of 'CocoAlma: A Versatile Masking Verifier'. Together they form a unique fingerprint.

Cite this