Profiled Side-channel Attack on Cryptosystems based on the Binary Syndrome Decoding Problem

Detailed bibliography
Title: Profiled Side-channel Attack on Cryptosystems based on the Binary Syndrome Decoding Problem
Authors: Colombier, Brice; Dragoi, Vlad; Cayrel, Pierre-Louis; Grosso, Vincent
Contributors: Architectures and Methods for Resilient Systems (TIMA-AMfoRS), Techniques de l'Informatique et de la Microélectronique pour l'Architecture des systèmes intégrés (TIMA), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP), Université Grenoble Alpes (UGA)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP), Université Grenoble Alpes (UGA), Aurel Vlaicu University of Arad (UAV), Laboratoire Hubert Curien (LHC), Institut d'Optique Graduate School (IOGS)-Université Jean Monnet - Saint-Étienne (UJM)-Centre National de la Recherche Scientifique (CNRS)
Source: ISSN: 1556-6013; IEEE Transactions on Information Forensics and Security; https://hal.inria.fr/hal-03726286; IEEE Transactions on Information Forensics and Security, in press.
Publisher information: HAL CCSD
Institute of Electrical and Electronics Engineers
Year of publication: 2022
Collection: Archive ouverte HAL (Hyper Article en Ligne, CCSD - Centre pour la Communication Scientifique Directe)
Subjects: Post-quantum Cryptography, Syndrome Decoding Problem, Side-channel Attack, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
Description: International audience; The NIST standardization process for post-quantum cryptography has been drawing the attention of researchers to the submitted candidates. One direction of research consists in implementing those candidates on embedded systems, which in return exposes them to physical attacks. The Classic McEliece cryptosystem, which is among the four finalists of round 3 in the Key Encapsulation Mechanism category, builds its security on the hardness of the syndrome decoding problem, a classic hard problem in code-based cryptography. This cryptosystem was recently targeted by a laser fault injection attack leading to message recovery. Regrettably, the attack setting is very restrictive and does not tolerate any error in the faulty syndrome. Moreover, it depends on the very strong attacker model of laser fault injection, and does not apply to optimised implementations of the algorithm that make full use of the machine word capacity. In this article, we propose to change the angle and perform a message-recovery attack that relies on side-channel information only. We improve on the previously published work in several key aspects. First, we show that side-channel information, obtained with power consumption analysis, is sufficient to obtain an integer syndrome, as required by the attack framework. This is done by leveraging classic machine learning techniques that recover the Hamming weight information very accurately. Second, we put forward a computationally efficient method, based on a simple dot product and information-set decoding algorithms, to recover the message from the possibly inaccurate recovered integer syndrome. Finally, we present a masking countermeasure against the proposed attack.
Document type: article in journal/newspaper
Language: English
Relation: hal-03726286; https://hal.inria.fr/hal-03726286; https://hal.inria.fr/hal-03726286/document; https://hal.inria.fr/hal-03726286/file/TIFS.pdf
Availability: https://hal.inria.fr/hal-03726286
https://hal.inria.fr/hal-03726286/document
https://hal.inria.fr/hal-03726286/file/TIFS.pdf
Rights: info:eu-repo/semantics/OpenAccess
Accession number: edsbas.E45BC304
Database: BASE