In this paper, we present a new masking scheme for ring LWE decryption. Our scheme exploits the additively-homomorphic property of the existing ring-LWE encryption schemes and computes an additive-mask as an encryption of a random message. Our solution differs in several aspects from the recent masked ring-LWE implementation by Reparaz et al. presented at CHES 2015; most notably we do not require a masked decoder but work with a conventional, unmasked decoder. As such, we can secure a ring-LWE implementation using additive masking with minimal changes. Our masking scheme is also very generic in the sense that it can be applied to other additively-homomorphic encryption schemes.
Reparaz, O., de Clercq, R., Roy, S. S., Vercauteren, F., & Verbauwhede, I. (2016). Additively homomorphic ring-LWE masking. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9606, pp. 233–244). Springer Verlag. https://doi.org/10.1007/978-3-319-29360-8_15