Maximal Leakage of Masked Implementations Using Mrs. Gerber's Lemma for Min-Entropy

A common countermeasure against side-channel attacks on secret key cryptographic implementations is $d$th-order masking, which splits each sensitive variable into $d+1$ random shares. In this paper, maximal leakage bounds on the probability of success of any side-channel attack are derived for any masking order. Maximal leakage (Sibson's information of order infinity) is evaluated between the sensitive variable and the noisy leakage, and is related to the conditional ``min-entropy'' (Arimoto's entropy of order infinity) of the sensitive variable given the leakage. The latter conditional entropy is then lower-bounded in terms of the conditional entropies for each share using majorization inequalities. This yields a generalization of Mrs. Gerber's lemma for min-entropy in finite Abelian groups