Two constructions of optimal pairs of linear codes for resisting side channel and fault injection attacks
Direct sum masking (DSM) has been proposed as a countermeasure against side-channel attacks (SCA) and fault injection attacks (FIA), which are nowadays important domains of cryptanalysis. DSM needs two linear codes whose sum is direct and equals the whole space F_q^n. The minimum distance of the former code and the dual distance of the latter should be as large as possible, given their length and dimensions. In practice, however, the implementation needs to work with words obtained by appending, to each codeword y of the latter code, the source word from which y is the encoding. Let C_1 be an [n, k] linear code over the finite field F_q with generator matrix G, and let C_2 be the linear code over F_q with generator matrix [G, I_k]. It is then highly desirable to construct optimal pairs of linear codes satisfying d(C_2^⊥) = d(C_1^⊥). In this paper, we employ primitive irreducible cyclic codes to derive two constructions of optimal pairs of linear codes for resisting SCA and FIA, where the security parameters are determined explicitly. To the best of our knowledge, this is the first time that primitive irreducible cyclic codes are used to construct (optimal) pairs of codes. As a byproduct, we obtain the weight enumerators of the codes C_1, C_2, C_1^⊥, and C_2^⊥ in both of our constructions.
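The relation between C_1 and C_2 = ⟨[G, I_k]⟩ can be checked by brute force on small binary codes. The script below is an added example, not code from the paper; it works over F_2 rather than the paper's F_q and uses two constructed generator matrices (the systematic [7,4] Hamming generator `HAMMING_G` and a hand-picked [8,4] generator `PAIR_G` whose columns are distinct and all of weight at least 2) instead of the primitive irreducible cyclic codes of the paper. All function names are the example's own. It computes d(C_1), d(C_1^⊥) and d(C_2^⊥) and reports whether the pair satisfies d(C_2^⊥) = d(C_1^⊥). Because (u, 0) lies in C_2^⊥ for every u in C_1^⊥, one always has d(C_2^⊥) ≤ d(C_1^⊥); the example shows a generator for which appending the source word loses dual distance and one for which it does not.

```python
from itertools import product

# Constructed toy inputs over F_2 (not the paper's codes).
# Systematic generator of the [7,4] Hamming code: its dual is the [7,3,4] simplex code.
HAMMING_G = [
    (1, 0, 0, 0, 1, 1, 0),
    (0, 1, 0, 0, 1, 0, 1),
    (0, 0, 1, 0, 0, 1, 1),
    (0, 0, 0, 1, 1, 1, 1),
]
# Non-systematic [8,4] generator whose eight columns are distinct and all have weight >= 2,
# so that no unit vector of F_2^8 (with its short image under G) becomes a light word of C_2^perp.
PAIR_G = [
    (1, 1, 1, 0, 1, 1, 1, 0),
    (1, 1, 0, 1, 1, 1, 0, 1),
    (1, 0, 1, 1, 1, 0, 1, 0),
    (0, 1, 1, 1, 1, 0, 0, 1),
]


def weight(word):
    """Hamming weight of a binary word given as a tuple of 0/1."""
    return sum(word)


def span(gens, n):
    """All 2^k codewords of the binary linear code generated by `gens` (k rows of length n)."""
    words = set()
    for coeffs in product((0, 1), repeat=len(gens)):
        w = [0] * n
        for c, g in zip(coeffs, gens):
            if c:
                w = [a ^ b for a, b in zip(w, g)]
        words.add(tuple(w))
    return words


def dual_code(gens, n):
    """C^perp = {u in F_2^n : <u, g> = 0 for every generator g}, found by exhaustive search.
    Orthogonality to the generators suffices, so the search costs 2^n * k inner products."""
    return {u for u in product((0, 1), repeat=n)
            if all(sum(a & b for a, b in zip(u, g)) % 2 == 0 for g in gens)}


def min_distance(code):
    """Minimum distance of a linear code: the smallest weight of a nonzero codeword."""
    return min(weight(c) for c in code if any(c))


def augment(G):
    """Generator matrix [G | I_k]: each codeword yG is followed by its source word y."""
    k = len(G)
    return [tuple(row) + tuple(int(j == i) for j in range(k)) for i, row in enumerate(G)]


def pair_parameters(G):
    """Return (d(C1), d(C1^perp), d(C2^perp)) for C1 = <G> and C2 = <[G | I_k]>."""
    n, k = len(G[0]), len(G)
    d1 = min_distance(span(G, n))
    d1_dual = min_distance(dual_code(G, n))
    d2_dual = min_distance(dual_code(augment(G), n + k))
    return d1, d1_dual, d2_dual


def is_optimal_pair(G):
    """The property targeted in the abstract: appending the source word keeps the dual distance."""
    _, d1_dual, d2_dual = pair_parameters(G)
    return d2_dual == d1_dual


if __name__ == "__main__":
    for name, G in (("Hamming [7,4]", HAMMING_G), ("weight>=2 columns [8,4]", PAIR_G)):
        verdict = "d(C2^perp) = d(C1^perp)" if is_optimal_pair(G) else "dual distance drops"
        print(name, pair_parameters(G), verdict)
```

For the Hamming generator the unit vector e_1 maps to the weight-1 first column of G, so (e_1, Ge_1^T) is a weight-2 word of C_2^⊥ and the dual distance falls from 4 to 2; for `PAIR_G` every column has weight at least 2 and the columns are distinct, so no word of C_2^⊥ is lighter than the weight-3 words inherited from C_1^⊥. The exhaustive dual search is only practical for n + k up to roughly 20.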