This work presents a novel, black-box, software-based countermeasure against physical attacks, including power side-channel and fault-injection attacks. The approach uses the concepts of random self-reducibility and self-correctness to add randomness and redundancy to the execution for protection. Because the approach works at the operation level and is not algorithm-specific, it can be applied to protect a wide range of algorithms. The countermeasure is empirically evaluated against attacks on operations such as modular exponentiation, modular multiplication, polynomial multiplication, and number theoretic transforms. An end-to-end implementation of the countermeasure is demonstrated for the RSA-CRT signature algorithm and for Kyber key generation. The countermeasure reduced power side-channel leakage by two orders of magnitude, to an acceptably secure level under TVLA analysis. For fault injection, the countermeasure reduces the number of faults by 95.4% on average.
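As an added illustration (not code from the paper), the following Python sketch shows the two ingredients the abstract names, random self-reducibility and redundancy, applied to modular exponentiation and modular multiplication: each protected operation runs only on randomized operands, and disagreement between independently randomized instances flags a fault. The fault model (`FaultyModexp`) and the toy RSA parameters used in the checks are constructed for this demo.

```python
import secrets
from math import gcd

def random_unit(n):
    """Uniform random r in Z_n^* (so that r^-1 mod n exists)."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if gcd(r, n) == 1:
            return r

def rsr_modexp(x, d, n, redundancy=2, modexp=pow):
    """x^d mod n via random self-reduction plus redundancy.
    Each instance evaluates the protected op on two inputs that are each
    uniformly random and unrelated to x: (x*r) mod n and r^-1 mod n.
    Since (x*r)^d * (r^-1)^d = x^d, combining both restores the answer.
    Fresh randomness per instance changes the operand on every run, and a
    mismatch between instances reveals a faulted sub-operation."""
    results = []
    for _ in range(redundancy):
        r = random_unit(n)
        a = modexp((x * r) % n, d, n)
        b = modexp(pow(r, -1, n), d, n)
        results.append((a * b) % n)
    if any(v != results[0] for v in results):
        raise RuntimeError("fault detected: redundant instances disagree")
    return results[0]

def rsr_modmul(a, b, n, mulmod=lambda u, v, m: (u * v) % m):
    """a*b mod n from four products whose operands are all randomized:
    (a+r1)(b+r2) - (a+r1)*r2 - r1*(b+r2) + r1*r2 = a*b."""
    r1, r2 = secrets.randbelow(n), secrets.randbelow(n)
    a1, b1 = (a + r1) % n, (b + r2) % n
    return (mulmod(a1, b1, n) - mulmod(a1, r2, n)
            - mulmod(r1, b1, n) + mulmod(r1, r2, n)) % n

class FaultyModexp:
    """Constructed fault model: flip the low bit of the result on call `hit`."""
    def __init__(self, hit):
        self.calls, self.hit = 0, hit
    def __call__(self, x, d, n):
        self.calls += 1
        v = pow(x, d, n)
        return v ^ 1 if self.calls == self.hit else v

def detects_single_fault(x, d, n, hit=1):
    """True if a single faulted sub-operation is caught by the redundancy check."""
    try:
        rsr_modexp(x, d, n, modexp=FaultyModexp(hit))
    except RuntimeError:
        return True
    return False
```

With two instances, a fault in any one of the four sub-operations changes that instance's combined result modulo n, so the comparison catches it; a fault would have to hit both instances identically to slip through.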