A relation calculus for reasoning about t-probing security

In the context of side-channel attacks against cryptographic circuits, t-probing security characterizes the amount of information derivable about sensitive values (e.g., keys) by observing t output/internal values. Non-interference is a useful mathematical tool used by researchers to assess the probing security of a circuit which employs Boolean masking to protect itself from attacks. However, reasoning about non-interference still requires either difficult ratiocination or complex automatic tools. In this work, we propose a novel point of view to reason about non-interference, by exploiting the Walsh transform of a Boolean function. To this end, we introduce a calculus for mechanically reasoning about the shares of a variable and show that this formalism provides a lean algebraic explanation of known compositional patterns allowing for the discovery of new ones. Eventually, we show how this formalism can be applied to study the probing security of known cryptographic gadgets.