Proving SIFA Protection of Masked Redundant Circuits

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Implementation attacks like side-channel and fault attacks pose a considerable threat to cryptographic devices that are physically accessible by an attacker. As a consequence, devices like smart cards implement corresponding countermeasures like redundant computation and masking. Recently, statistically ineffective fault attacks (SIFA) were shown to be able to circumvent these classical countermeasure techniques. We present a new approach for verifying the SIFA protection of arbitrary masked implementations in both hardware and software. The proposed method uses Boolean dependency analysis, factorization, and known properties of masked computations to show whether the fault detection mechanism of redundant masked circuits can leak information about the processed secret values. We implemented this new method in a tool called Danira, which can show the SIFA resistance of cryptographic implementations like AES S-Boxes within minutes.
Original languageEnglish
Title of host publicationAutomated Technology for Verification and Analysis
Subtitle of host publication19th International Symposium, ATVA 2021
Editors Z. Hou, V. Ganesh
Place of PublicationCham
Number of pages16
ISBN (Electronic)978-3-030-88885-5
ISBN (Print)978-3-030-88884-8
Publication statusPublished - 2021
Event19th International Symposium on Automated Technology for Verification and Analysis : ATVA 2021 - Virtuell, Australia
Duration: 18 Oct 202122 Oct 2021

Publication series

NameLecture Notes in Computer Science


Conference19th International Symposium on Automated Technology for Verification and Analysis
Abbreviated titleATVA 2021


  • SIFA
  • verification
  • hardware security

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Science (miscellaneous)

Cite this