On Security of XTR Public Key Cryptosystems Against Side Channel Attacks

Many Internet of Things applications in smart cities use elliptic-curve cryptosystems due to their efficiency compared to other well-known public-key cryptosystems such as RSA. One of the important components of an elliptic-curve-based cryptosystem is the elliptic-curve point multiplication which has been shown to be vulnerable to various types of side-channel attacks. Recently, substantial progress has been made in applying deep learning to side-channel attacks. Conceptually, the idea is to monitor a core while it is running encryption for information leakage of a certain kind, for example, power consumption. The knowledge of the underlying encryption algorithm can be used to train a model to recognise the key used for encryption. The model is then applied to traces gathered from the crypto core in order to recover the encryption key. In this article, we propose an RNS GLV elliptic curve cryptography core which is immune to machine learning and deep learning based side-channel attacks. The experimental analysis confirms the proposed crypto core does not leak any information about the private key and therefore it is suitable for hardware implementations.

Download Full-text

An Improved Montgomery Window Algorithm on Modular Exponentiation Secure against Side Channel Attacks

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.392.862 ◽

2013 ◽

Vol 392 ◽

pp. 862-866

Author(s):

Mu Han ◽

Jia Zhao ◽

Shi Dian Ma

Keyword(s):

Public Key Cryptography ◽

Public Key ◽

Side Channel ◽

Modular Exponentiation ◽

Side Channel Attacks ◽

The Core

As one of the core algorithms in most public key cryptography, modular exponentiation has a flaw of its efficiency, which often uses the Montgomerys algorithm to realize the fast operation. But the Montgomerys algorithm has the issue of side channel leakage from the final conditional subtraction. Aiming at this problem, this paper presents an improved fast Montgomery window algorithm. The new algorithm generates the remainder table with odd power to reduce the amount of pre-computation, and combines with the improved Montgomerys algorithm to realize modular exponentiation, which can accelerate the speed and reduce the side channel leakage. The new algorithm cant only thwart side channel attacks, but also improve the efficiency.

Download Full-text

Lattice-Based Linearly Homomorphic Signature Scheme over F 2

Security and Communication Networks ◽

10.1155/2020/8857815 ◽

2020 ◽

Vol 2020 ◽

pp. 1-7

Author(s):

Jie Cai ◽

Han Jiang ◽

Hao Wang ◽

Qiuliang Xu

Keyword(s):

Public Key ◽

Side Channel ◽

Signature Scheme ◽

Side Channel Attacks ◽

Sampling Function ◽

Uniform Sampling ◽

Restricted Condition ◽

Gaussian Sampling

In this paper, we design a new lattice-based linearly homomorphic signature scheme over F 2 . The existing schemes are all constructed based on hash-and-sign lattice-based signature framework, where the implementation of preimage sampling function is Gaussian sampling, and the use of trapdoor basis needs a larger dimension m ≥ 5 n log q . Hence, they cannot resist potential side-channel attacks and have larger sizes of public key and signature. Under Fiat–Shamir with aborting signature framework and general SIS problem restricted condition m ≥ n log q , we use uniform sampling of filtering technology to design the scheme, and then, our scheme has a smaller public key size and signature size than the existing schemes and it can resist side-channel attacks.

Download Full-text

Generic Side-channel attacks on CCA-secure lattice-based PKE and KEMs

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2020.i3.307-335 ◽

2020 ◽

pp. 307-335 ◽

Cited By ~ 2

Author(s):

Prasanna Ravi ◽

Sujoy Sinha Roy ◽

Anupam Chattopadhyay ◽

Shivam Bhasin

Keyword(s):

Experimental Validation ◽

Error Correcting Codes ◽

Public Key ◽

Side Channel ◽

Public Key Encryption ◽

Side Channel Attacks ◽

Key Recovery ◽

Binary Information ◽

Channel Information ◽

Standardization Process

In this work, we demonstrate generic and practical EM side-channel assisted chosen ciphertext attacks over multiple LWE/LWR-based Public Key Encryption (PKE) and Key Encapsulation Mechanisms (KEM) secure in the chosen ciphertext model (IND-CCA security). We show that the EM side-channel information can be efficiently utilized to instantiate a plaintext checking oracle, which provides binary information about the output of decryption, typically concealed within IND-CCA secure PKE/KEMs, thereby enabling our attacks. Firstly, we identified EM-based side-channel vulnerabilities in the error correcting codes (ECC) enabling us to distinguish based on the value/validity of decrypted codewords. We also identified similar vulnerabilities in the Fujisaki-Okamoto transform which leaks information about decrypted messages applicable to schemes that do not use ECC. We subsequently exploit these vulnerabilities to demonstrate practical attacks applicable to six CCA-secure lattice-based PKE/KEMs competing in the second round of the NIST standardization process. We perform experimental validation of our attacks on implementations taken from the open-source pqm4 library, running on the ARM Cortex-M4 microcontroller. Our attacks lead to complete key-recovery in a matter of minutes on all the targeted schemes, thus showing the effectiveness of our attack.

Download Full-text

On the Importance of Checking Multivariate Public Key Cryptography for Side-Channel Attacks: The Case of enTTS Scheme

The Computer Journal ◽

10.1093/comjnl/bxx010 ◽

2017 ◽

Vol 60 (8) ◽

pp. 1197-1209 ◽

Cited By ~ 7

Author(s):

Haibo Yi ◽

Weijian Li

Keyword(s):

Public Key Cryptography ◽

Public Key ◽

Side Channel ◽

Side Channel Attacks ◽

Multivariate Public Key

Download Full-text

Efficiency through Diversity in Ensemble Models applied to Side-Channel Attacks

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2021.i3.60-96 ◽

2021 ◽

pp. 60-96

Author(s):

Gabriel Zaid ◽

Lilian Bossuet ◽

Amaury Habrard ◽

Alexandre Venelli

Keyword(s):

Deep Learning ◽

Model Performance ◽

Public Key ◽

Side Channel ◽

Ensemble Model ◽

Secret Key ◽

Side Channel Attacks ◽

Ensemble Models ◽

Remaining Time ◽

Multiple Scenarios

Deep Learning based Side-Channel Attacks (DL-SCA) are considered as fundamental threats against secure cryptographic implementations. Side-channel attacks aim to recover a secret key using the least number of leakage traces. In DL-SCA, this often translates in having a model with the highest possible accuracy. Increasing an attack’s accuracy is particularly important when an attacker targets public-key cryptographic implementations where the recovery of each secret key bits is directly related to the model’s accuracy. Commonly used in the deep learning field, ensemble models are a well suited method that combine the predictions of multiple models to increase the ensemble accuracy by reducing the correlation between their errors. Linked to this correlation, the diversity is considered as an indicator of the ensemble model performance. In this paper, we propose a new loss, namely Ensembling Loss (EL), that generates an ensemble model which increases the diversity between the members. Based on the mutual information between the ensemble model and its related label, we theoretically demonstrate how the ensemble members interact during the training process. We also study how an attack’s accuracy gain translates to a drastic reduction of the remaining time complexity of a side-channel attacks through multiple scenarios on public-key implementations. Finally, we experimentally evaluate the benefits of our new learning metric on RSA and ECC secure implementations. The Ensembling Loss increases by up to 6.8% the performance of the ensemble model while the remaining brute-force is reduced by up to 222 operations depending on the attack scenario.

Download Full-text