Curse of Re-encryption: A Generic Power/EM Analysis on Post-Quantum KEMs

This paper presents a side-channel analysis (SCA) on key encapsulation mechanism (KEM) based on the Fujisaki–Okamoto (FO) transformation and its variants. The FO transformation has been widely used in actively securing KEMs from passively secure public key encryption (PKE), as it is employed in most of NIST post-quantum cryptography (PQC) candidates for KEM. The proposed attack exploits side-channel leakage during execution of a pseudorandom function (PRF) or pseudorandom number generator (PRG) in the re-encryption of KEM decapsulation as a plaintext-checking oracle that tells whether the PKE decryption result is equivalent to the reference plaintext. The generality and practicality of the plaintext-checking oracle allow the proposed attack to attain a full-key recovery of various KEMs when an active attack on the underlying PKE is known. This paper demonstrates that the proposed attack can be applied to most NIST PQC third-round KEM candidates, namely, Kyber, Saber, FrodoKEM, NTRU, NTRU Prime, HQC, BIKE, and SIKE (for BIKE, the proposed attack achieves a partial key recovery). The applicability to Classic McEliece is unclear because there is no known active attack on this cryptosystem. This paper also presents a side-channel distinguisher design based on deep learning (DL) for mounting the proposed attack on practical implementation without the use of a profiling device. The feasibility of the proposed attack is evaluated through experimental attacks on various PRF implementations (a SHAKE software, an AES software, an AES hardware, a bit-sliced masked AES software, and a masked AES hardware based on threshold implementation). Although it is difficult to implement the oracle using the leakage from the TI-based masked hardware, the success of the proposed attack against these implementations (even except for the masked hardware), which include masked software, confirms its practicality.

Download Full-text

Single-Trace Attacks on Keccak

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2020.i3.243-268 ◽

2020 ◽

pp. 243-268 ◽

Cited By ~ 1

Author(s):

Matthias J. Kannwischer ◽

Peter Pessl ◽

Robert Primas

Keyword(s):

Template Matching ◽

Message Passing ◽

Graphical Model ◽

Side Channel ◽

Key Recovery ◽

Single Observation ◽

Message Passing Algorithm ◽

Post Quantum Cryptography ◽

Single Trace ◽

Differential Attacks

Since its selection as the winner of the SHA-3 competition, Keccak, with all its variants, has found a large number of applications. It is, for instance, a common building block in schemes submitted to NIST’s post-quantum cryptography project. In many of these applications, Keccak processes ephemeral secrets. In such a setting, side-channel adversaries are limited to a single observation, meaning that differential attacks are inherently prevented. If, however, such a single trace of Keccak can already be sufficient for key recovery has so far been unknown. In this paper, we change the above by presenting the first single-trace attack targeting Keccak. Our method is based on soft-analytical side-channel attacks and, thus, combines template matching with message passing in a graphical model of the attacked algorithm. As a straight-forward model of Keccak does not yield satisfactory results, we describe several optimizations for the modeling and the message-passing algorithm. Their combination allows attaining high attack performance in terms of both success rate as well as computational runtime. We evaluate our attack assuming generic software (microcontroller) targets and thus use simulations in the generic noisy Hamming-weight leakage model. Hence, we assume relatively modest profiling capabilities of the adversary. Nonetheless, the attack can reliably recover secrets in a large number of evaluated scenarios at realistic noise levels. Consequently, we demonstrate the need for countermeasures even in settings where DPA is not a threat.

Download Full-text

Generic Side-channel attacks on CCA-secure lattice-based PKE and KEMs

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2020.i3.307-335 ◽

2020 ◽

pp. 307-335 ◽

Cited By ~ 2

Author(s):

Prasanna Ravi ◽

Sujoy Sinha Roy ◽

Anupam Chattopadhyay ◽

Shivam Bhasin

Keyword(s):

Experimental Validation ◽

Error Correcting Codes ◽

Public Key ◽

Side Channel ◽

Public Key Encryption ◽

Side Channel Attacks ◽

Key Recovery ◽

Binary Information ◽

Channel Information ◽

Standardization Process

In this work, we demonstrate generic and practical EM side-channel assisted chosen ciphertext attacks over multiple LWE/LWR-based Public Key Encryption (PKE) and Key Encapsulation Mechanisms (KEM) secure in the chosen ciphertext model (IND-CCA security). We show that the EM side-channel information can be efficiently utilized to instantiate a plaintext checking oracle, which provides binary information about the output of decryption, typically concealed within IND-CCA secure PKE/KEMs, thereby enabling our attacks. Firstly, we identified EM-based side-channel vulnerabilities in the error correcting codes (ECC) enabling us to distinguish based on the value/validity of decrypted codewords. We also identified similar vulnerabilities in the Fujisaki-Okamoto transform which leaks information about decrypted messages applicable to schemes that do not use ECC. We subsequently exploit these vulnerabilities to demonstrate practical attacks applicable to six CCA-secure lattice-based PKE/KEMs competing in the second round of the NIST standardization process. We perform experimental validation of our attacks on implementations taken from the open-source pqm4 library, running on the ARM Cortex-M4 microcontroller. Our attacks lead to complete key-recovery in a matter of minutes on all the targeted schemes, thus showing the effectiveness of our attack.

Download Full-text

Single Trace Side Channel Analysis on NTRU Implementation

Applied Sciences ◽

10.3390/app8112014 ◽

2018 ◽

Vol 8 (11) ◽

pp. 2014 ◽

Cited By ~ 1

Author(s):

Soojung An ◽

Suhri Kim ◽

Sunghyun Jin ◽

HanBit Kim ◽

HeeSeok Kim

Keyword(s):

Power Consumption ◽

Quantum Computer ◽

Side Channel ◽

Side Channel Attacks ◽

Side Channel Analysis ◽

Channel Analysis ◽

Post Quantum Cryptography ◽

Single Trace ◽

Secure Implementation ◽

Single Power

As researches on the quantum computer have progressed immensely, interests in post-quantum cryptography have greatly increased. NTRU is one of the well-known algorithms due to its practical key sizes and fast performance along with the resistance against the quantum adversary. Although NTRU has withstood various algebraic attacks, its side-channel resistance must also be considered for secure implementation. In this paper, we proposed the first single trace attack on NTRU. Previous side-channel attacks on NTRU used numerous power traces, which increase the attack complexity and limit the target algorithm. There are two versions of NTRU implementation published in succession. We demonstrated our attack on both implementations using a single power consumption trace obtained in the decryption phase. Furthermore, we propose a countermeasure to prevent the proposed attacks. Our countermeasure does not degrade in terms of performance.

Download Full-text

Cryptanalysis of Round-Reduced Fantomas, Robin and iSCREAM

Cryptography ◽

10.3390/cryptography3010004 ◽

2019 ◽

Vol 3 (1) ◽

pp. 4 ◽

Cited By ~ 4

Author(s):

Ashutosh Dwivedi ◽

Shalini Dhar ◽

Gautam Srivastava ◽

Rajani Singh

Keyword(s):

Side Channel ◽

Linear Cryptanalysis ◽

Key Recovery ◽

Side Channel Analysis ◽

Linear Characteristic ◽

Random Behavior ◽

Channel Analysis ◽

Key Recovery Attack

In this work, we focus on LS-design ciphers Fantomas, Robin, and iSCREAM. LS-designs are a family of bitslice ciphers aimed at efficient masked implementations against side-channel analysis. We have analyzed Fantomas and Robin with a technique that previously has not been applied to both algorithms or linear cryptanalysis. The idea behind linear cryptanalysis is to build a linear characteristic that describes the relation between plaintext and ciphertext bits. Such a relationship should hold with probability 0.5 (bias is zero) for a secure cipher. Therefore, we try to find a linear characteristic between plaintext and ciphertext where bias is not equal to zero. This non-random behavior of cipher could be converted to some key-recovery attack. For Fantomas and Robin, we find 5 and 7-round linear characteristics. Using these characteristics, we attack both the ciphers with reduced rounds and recover the key for the same number of rounds. We also apply linear cryptanalysis to the famous CAESAR candidate iSCREAM and the closely related LS-design Robin. For iScream, we apply linear cryptanalysis to the round-reduced cipher and find a 7-round best linear characteristics. Based on those linear characteristics we extend the path in the related-key scenario for a higher number of rounds.

Download Full-text

Single Trace Analysis against HyMES by Exploitation of Joint Distributions of Leakages

Applied Sciences ◽

10.3390/app10051831 ◽

2020 ◽

Vol 10 (5) ◽

pp. 1831

Author(s):

ByeongGyu Park ◽

Suhri Kim ◽

Seokhie Hong ◽

HeeSeok Kim ◽

Seog Chung Seo

Keyword(s):

Side Channel ◽

Nonlinear Functions ◽

Side Channel Analysis ◽

The Public ◽

Joint Distributions ◽

Encryption And Decryption ◽

Channel Analysis ◽

Post Quantum Cryptography ◽

Single Trace ◽

Code Based Cryptography

Beginning with the proposal of the McEliece cryptosystem in 1978, code-based cryptography has positioned itself as one of main categories in post-quantum cryptography (PQC). To date, the algebraic security of certain variants of McEliece cryptosystems has been challenged many times, although some of the variants have remained secure. However, recent studies on code-based cryptography have focused on the side-channel resistance since previous studies have indicated that the existing algorithms were vulnerable to side-channel analysis. In this paper, we propose the first side-channel attack on the Hybrid McEliece Scheme (HyMES) using only a single power consumption trace. HyMES is a variant of the McEliece system that provides smaller keys, along with faster encryption and decryption speed. By exploiting joint distributions of nonlinear functions in the decryption process, we were able to recover the private key of HyMES. To the best of our knowledge, this is the first work proposing a side-channel analysis based on a joint distribution of the leakages on the public-key system.

Download Full-text

Cold Boot Attacks on the Supersingular Isogeny Key Encapsulation (SIKE) Mechanism

Applied Sciences ◽

10.3390/app11010193 ◽

2020 ◽

Vol 11 (1) ◽

pp. 193

Author(s):

Ricardo Villanueva-Polanco ◽

Eduardo Angulo-Madrid

Keyword(s):

Success Rates ◽

Secret Key ◽

Enumeration Algorithm ◽

Key Recovery ◽

Recovery Algorithm ◽

Key Encapsulation Mechanism ◽

Standardization Process ◽

Overall Performance ◽

Post Quantum Cryptography ◽

First Time

This research paper evaluates the feasibility of cold boot attacks on the Supersingular Isogeny Key Encapsulation (SIKE) mechanism. This key encapsulation mechanism has been included in the list of alternate candidates of the third round of the National Institute of Standards and Technology (NIST) Post-Quantum Cryptography Standardization Process. To the best of our knowledge, this is the first time this scheme is assessed in the cold boot attacks setting. In particular, our evaluation is focused on the reference implementation of this scheme. Furthermore, we present a dedicated key-recovery algorithm for SIKE in this setting and show that the key recovery algorithm works for all the parameter sets recommended for this scheme. Moreover, we compute the success rates of our key recovery algorithm through simulations and show the key recovery algorithm may reconstruct the SIKE secret key for any SIKE parameters for a fixed and small α=0.001 (the probability of a 0 to 1 bit-flipping) and varying values for β (the probability of a 1 to 0 bit-flipping) in the set {0.001,0.01,…,0.1}. Additionally, we show how to integrate a quantum key enumeration algorithm with our key-recovery algorithm to improve its overall performance.

Download Full-text