Banegas, Gustavo ; Krämer, Juliane ; Lange, Tanja ; Meyer, Michael ; Panny, Lorenz ; Reijnders, Krijn ; Sotáková, Jana ; Trimoska, Monika (2023)
Disorientation Faults in CSIDH.
42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques. Lyon, France (23.-27.04.2023)
doi: 10.1007/978-3-031-30589-4_11
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
We investigate a new class of fault-injection attacks against the CSIDH family of cryptographic group actions. Our disorientation attacks effectively flip the direction of some isogeny steps. We achieve this by faulting a specific subroutine, connected to the Legendre symbol or Elligator computations performed during the evaluation of the group action. These subroutines are present in almost all known CSIDH implementations. Post-processing a set of faulty samples allows us to infer constraints on the secret key. The details are implementation specific, but we show that in many cases, it is possible to recover the full secret key with only a modest number of successful fault injections and modest computational resources. We provide full details for attacking the original CSIDH proof-of-concept software as well as the CTIDH constant-time implementation. Finally, we present a set of lightweight countermeasures against the attack and discuss their security.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2023 |
| Autor(en): | Banegas, Gustavo ; Krämer, Juliane ; Lange, Tanja ; Meyer, Michael ; Panny, Lorenz ; Reijnders, Krijn ; Sotáková, Jana ; Trimoska, Monika |
| Art des Eintrags: | Bibliographie |
| Titel: | Disorientation Faults in CSIDH |
| Sprache: | Englisch |
| Publikationsjahr: | 16 April 2023 |
| Verlag: | Springer |
| Buchtitel: | Advances in Cryptology - EUROCRYPT 2023 |
| Reihe: | Lecture Notes in Computer Science |
| Band einer Reihe: | 14008 |
| Veranstaltungstitel: | 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques |
| Veranstaltungsort: | Lyon, France |
| Veranstaltungsdatum: | 23.-27.04.2023 |
| DOI: | 10.1007/978-3-031-30589-4_11 |
| URL / URN: | https://link.springer.com/chapter/10.1007/978-3-031-30589-4_... |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | We investigate a new class of fault-injection attacks against the CSIDH family of cryptographic group actions. Our disorientation attacks effectively flip the direction of some isogeny steps. We achieve this by faulting a specific subroutine, connected to the Legendre symbol or Elligator computations performed during the evaluation of the group action. These subroutines are present in almost all known CSIDH implementations. Post-processing a set of faulty samples allows us to infer constraints on the secret key. The details are implementation specific, but we show that in many cases, it is possible to recover the full secret key with only a modest number of successful fault injections and modest computational resources. We provide full details for attacking the original CSIDH proof-of-concept software as well as the CTIDH constant-time implementation. Finally, we present a set of lightweight countermeasures against the attack and discuss their security. |
| Freie Schlagworte: | Primitives, P1 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > QPC - Quantum and Physical attack resistant Cryptography DFG-Sonderforschungsbereiche (inkl. Transregio) DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen |
| Hinterlegungsdatum: | 07 Aug 2023 09:56 |
| Letzte Änderung: | 07 Aug 2023 14:22 |
| PPN: | 510423620 |
| Zugehörige Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum