scholarly journals Verifiable Side-Channel Security of Cryptographic Implementations: Constant-Time MEE-CBC

2016 ◽  
pp. 163-184 ◽  
Author(s):  
José Bacelar Almeida ◽  
Manuel Barbosa ◽  
Gilles Barthe ◽  
François Dupressoir
Keyword(s):  
Constant Time ◽  
Side Channel

scholarly journals Novel Side-Channel Attacks on Quasi-Cyclic Code-Based Cryptography

2019 ◽  
pp. 180-212 ◽  
Author(s):  
Bo-Yeon Sim ◽  
Jihoon Kwon ◽  
Kyu Young Choi ◽  
Jihoon Cho ◽  
Aesun Park ◽  
...  
Keyword(s):  
Power Consumption ◽  
Power Analysis ◽  
Cyclic Code ◽  
Linear Equations ◽  
Constant Time ◽  
Side Channel ◽  
Parity Check ◽  
Side Channel Attacks ◽  
Timing Attacks ◽  
Code Based Cryptography

Chou suggested a constant-time implementation for quasi-cyclic moderatedensity parity-check (QC-MDPC) code-based cryptography to mitigate timing attacks at CHES 2016. This countermeasure was later found to become vulnerable to a differential power analysis (DPA) in private syndrome computation, as described by Rossi et al. at CHES 2017. The proposed DPA, however, still could not completely recover accurate secret indices, requiring further solving linear equations to obtain entire secret information. In this paper, we propose a multiple-trace attack which enables to completely recover accurate secret indices. We further propose a singletrace attack which can even work when using ephemeral keys or applying Rossi et al.’s DPA countermeasures. Our experiments show that the BIKE and LEDAcrypt may become vulnerable to our proposed attacks. The experiments are conducted using power consumption traces measured from ChipWhisperer-Lite XMEGA (8-bit processor) and ChipWhisperer UFO STM32F3 (32-bit processor) target boards.

scholarly journals Side-Channel Evaluation Methodology on Software

Cryptography ◽  
2020 ◽  
Vol 4 (4) ◽  
pp. 27
Author(s):  
Sylvain Guilley ◽  
Khaled Karray ◽  
Thomas Perianin ◽  
Ritu-Ranjan Shrivastwa ◽  
Youssef Souissi ◽  
...  
Keyword(s):  
Source Code ◽  
Use Cases ◽  
Constant Time ◽  
Evaluation Methodology ◽  
Side Channel ◽  
Due Diligence ◽  
Side Channel Attacks ◽  
Common Criteria ◽  
End To End

Cryptographic implementations need to be robust amidst the widespread use of crypto-libraries and attacks targeting their implementation, such as side-channel attacks (SCA). Many certification schemes, such as Common Criteria and FIPS 140, continue without addressing side-channel flaws. Research works mostly tackle sophisticated attacks with simple use-cases, which is not the reality where end-to-end evaluation is not trivial. In this study we used all due diligence to assess the invulnerability of a given implementation from the shoes of an evaluator. In this work we underline that there are two kinds of SCA: horizontal and vertical. In terms of quotation, measurement and exploitation, horizontal SCA is easier. If traces are constant-time, then vertical attacks become convenient, since there is no need for specific alignment (“value based analysis”). We introduce our new methodology: Vary the key to select sensitive samples, where the values depend upon the key, and subsequently vary the mask to uncover unmasked key-dependent leakage, i.e., the flaws. This can be done in the source code (pre-silicon) for the designer or on the actual traces (post-silicon) for the test-lab. We also propose a methodology for quotations regarding SCA unlike standards that focus on only one aspect (like number of traces) and forgets about other aspects (such as equipment; cf. ISO/IEC 20085-1.

scholarly journals Optimizing the Decoding Process of a Post-Quantum Cryptographic Algorithm

2017 ◽  
Author(s):  
Antonio Guimarães ◽  
Diego F. Aranha ◽  
Edson Borin
Keyword(s):  
State Of The Art ◽  
Public Key Cryptography ◽  
Public Key ◽  
Constant Time ◽  
Side Channel ◽  
Security Level ◽  
Encryption Scheme ◽  
Cryptographic Algorithm ◽  
Overall Performance ◽  
Quantum Public Key

QcBits is a state-of-the-art constant-time implementation of a code-based encryption scheme for post-quantum public key cryptography. This paper presents an optimized version of its decoding process, which is used for message decryption. Our implementation leverages SSE and AVX instructions extensions and performs 3.6 to 4.8 times faster than the original version, while preserving the 80-bit security level and constant time execution. We also provide experimental data that indicates a further 1.4-factor speedup supposing the existence of instructions for vectorial conditional moves and 256-bit register shifts. Finally, we implemented countermeasures for side-channel security and showed that they do not affect the overall performance.

scholarly journals One Bit is All It Takes: A Devastating Timing Attack on BLISS’s Non-Constant Time Sign Flips

2020 ◽  
Vol 15 (1) ◽  
pp. 131-142
Author(s):  
Mehdi Tibouchi ◽  
Alexandre Wallet
Keyword(s):  
Likelihood Estimation ◽  
Constant Time ◽  
Side Channel ◽  
Key Recovery ◽  
Signature Generation ◽  
Fisher Information Metric ◽  
Timing Attack ◽  
Information Metric ◽  
Key Recovery Attack ◽  
Cache Attacks

AbstractAs one of the most efficient lattice-based signature schemes, and one of the only ones to have seen deployment beyond an academic setting (e.g., as part of the VPN software suite strongSwan), BLISS has attracted a significant amount of attention in terms of its implementation security, and side-channel vulnerabilities of several parts of its signing algorithm have been identified in previous works. In this paper, we present an even simpler timing attack against it. The bimodal Gaussian distribution that BLISS is named after is achieved using a random sign flip during signature generation, and neither the original implementation of BLISS nor strongSwan ensure that this sign flip is carried out in constant time. It is therefore possible to recover the corresponding sign through side-channel leakage (using, e.g., cache attacks or branch tracing). We show that obtaining this single bit of leakage (for a moderate number of signatures) is in fact sufficient for a full key recovery attack. The recovery is carried out using a maximum likelihood estimation on the space of parameters, which can be seen as a statistical manifold. The analysis of the attack thus reduces to the computation of the Fisher information metric.

Recent Research Trends in Side Channel Attack on Cryptographic Modules and its Countermeasure

2012 ◽  
Vol 132 (1) ◽  
pp. 9-12
Author(s):  
Yu-ichi Hayashi ◽  
Naofumi Homma ◽  
Takaaki Mizuki ◽  
Takafumi Aoki ◽  
Hideaki Sone
Keyword(s):  
Research Trends ◽  
Side Channel ◽  
Side Channel Attack

A Fast Power Current Simulation of Cryptographic VLSI Circuits for Side Channel Attack Evaluation

2013 ◽  
Vol E96.A (12) ◽  
pp. 2533-2541
Author(s):  
Daisuke FUJIMOTO ◽  
Toshihiro KATASHITA ◽  
Akihiko SASAKI ◽  
Yohei HORI ◽  
Akashi SATOH ◽  
...  
Keyword(s):  
Vlsi Circuits ◽  
Side Channel ◽  
Side Channel Attack ◽  
Fast Power

Scan-Based Side-Channel Attack on the Camellia Block Cipher Using Scan Signatures

2015 ◽  
Vol E98.A (12) ◽  
pp. 2547-2555 ◽  
Author(s):  
Huiqian JIANG ◽  
Mika FUJISHIRO ◽  
Hirokazu KODERA ◽  
Masao YANAGISAWA ◽  
Nozomu TOGAWA
Keyword(s):  
Block Cipher ◽  
Side Channel ◽  
Side Channel Attack
Sign in / Sign up

Export Citation Format

Share Document