Multiple-Valued Plaintext-Checking Side-Channel Attacks on Post-Quantum KEMs
Authors
Abstract
In this paper, we present a side-channel analysis (SCA) on key encapsulation mechanisms (KEMs) based on the Fujisaki–Okamoto (FO) transformation and its variants. Many post-quantum KEMs perform re-encryption during decapsulation to achieve chosen-ciphertext attack (CCA) security. The side-channel leakage of this re-encryption can be exploited to mount a key-recovery plaintext-checking attack (KR-PCA), even if the chosen-plaintext secure decryption from which the KEM is constructed is securely implemented. Herein, we propose an efficient side-channel-assisted KR-PCA on post-quantum KEMs that achieves key recovery with significantly fewer traces than the existing attacks presented at TCHES 2022 and 2023. The basic concept of the proposed attack is to introduce a new multiple-valued (MV-)PC oracle and then implement a dedicated MV-PC oracle using a multi-classification neural network (NN). The proposed attack is applicable to the NIST PQC selected algorithm Kyber and the similar lattice-based KEMs Saber, FrodoKEM and NTRU Prime, as well as SIKE. We also show how to realize a sufficiently reliable MV-PC oracle from NN model outputs that are not 100% accurate, and analyze the tradeoff between the key-recovery success rate and the number of traces. We assess the feasibility of the attack through experiments on three typical symmetric primitives used to instantiate the random oracle (SHAKE, SHA3, and AES in software). The proposed attack reduces the number of traces required for key recovery by up to 87% compared to existing attacks against Kyber and the other lattice-based KEMs, under the condition of a 99.9999% key-recovery success rate. It also reduces the number of traces by 85% for SIKE.
Similar sources
Side-Channel Attacks on Quantum-Resistant Supersingular Isogeny Diffie-Hellman
In this paper, we present three side-channel attacks on the quantum-resistant supersingular isogeny Diffie-Hellman (SIDH) key exchange protocol. These refined power analysis attacks target the representation of a zero value in a physical implementation of SIDH to extract bits of the secret key. To understand the behavior of these zero-attacks on SIDH, we investigate the representation of zero in t...
Multiple-Differential Side-Channel Collision Attacks on AES
In this paper, two efficient multiple-differential methods to detect collisions in the presence of strong noise are proposed: binary and ternary voting. After collisions have been detected, the cryptographic key can be recovered from these collisions using such recent cryptanalytic techniques as linear [1] and algebraic [2] collision attacks. We refer to this combination of the collision detecti...
Side channel parameter characteristics of code injection attacks
Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics of embedded systems and their applicability in code injection attack detection. T...
Algebraic Side-Channel Attacks
In 2002, algebraic attacks using overdefined systems of equations have been proposed as a potentially very powerful cryptanalysis technique against block ciphers. However, although a number of convincing experiments have been performed against certain reduced algorithms, it is not clear whether these attacks can be successfully applied in general and to a large class of ciphers. In this paper, w...
Journal
Journal title: IACR Transactions on Cryptographic Hardware and Embedded Systems
Year: 2023
ISSN: 2569-2925
DOI: https://doi.org/10.46586/tches.v2023.i3.473-503