Affordable Access

Analysis of the split mask countermeasure for embedded systems

Publication Date
  • Cryptanalysis
  • Countermeasures
  • Dpa
  • Masking
  • Side Channel Analysis
  • Engineering
  • Computing & Technology :: Computer Science [C05]
  • Ingénierie
  • Informatique & Technologie :: Sciences Informatiques [C05]
  • Physics


We analyze a countermeasure against differential power and electromagnetic attacks that was recently introduced under the name of split mask. We show a general weakness of the split mask countermeasure that makes standard DPA attacks with a full key recovery applicable to masked AES and DES implementations. Complexity of the attacks is the same as for unmasked implementations. We implement the most efficient attack on an 8-bit AVR microcontroller. We also show that the strengthened variant of the countermeasure is susceptible to a second order DPA attack independently of the number of used mask tables.

There are no comments yet on this publication. Be the first to share your thoughts.