Disorientation Faults in CSIDH

Banegas, Gustavo ; Krämer, Juliane ; Lange, Tanja ; Meyer, Michael ; Panny, Lorenz ; Reijnders, Krijn ; Sotáková, Jana ; Trimoska, Monika (2023)
Disorientation Faults in CSIDH.
42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques. Lyon, France (23.04.2023-27.04.2023)
doi: 10.1007/978-3-031-30589-4_11
Conference or Workshop Item, Bibliography

Abstract

We investigate a new class of fault-injection attacks against the CSIDH family of cryptographic group actions. Our disorientation attacks effectively flip the direction of some isogeny steps. We achieve this by faulting a specific subroutine, connected to the Legendre symbol or Elligator computations performed during the evaluation of the group action. These subroutines are present in almost all known CSIDH implementations. Post-processing a set of faulty samples allows us to infer constraints on the secret key. The details are implementation specific, but we show that in many cases, it is possible to recover the full secret key with only a modest number of successful fault injections and modest computational resources. We provide full details for attacking the original CSIDH proof-of-concept software as well as the CTIDH constant-time implementation. Finally, we present a set of lightweight countermeasures against the attack and discuss their security.
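To make the mechanism the abstract describes concrete, here is an added Python example; it is not code from the paper, its authors, or any CSIDH implementation. It runs a toy CSIDH-style group action over F_419 (p = 4·3·5·7 − 1, ℓ ∈ {3, 5, 7}) with x-only Montgomery arithmetic and the Costello–Hisil isogeny formulas. Each round decides from the Legendre symbol of x³ + Ax² + x whether the sampled point lies on E_A or on its twist and walks in the corresponding direction. A disorientation fault is modelled as flipping that symbol in one chosen round, so the code uses a twist point where it believes it has a point on E_A: every isogeny in that round goes the opposite way while the bookkeeping still decrements the exponents as planned. The demo checks that the faulty output equals the correct action of the exponent vector with 2·s subtracted on the indices stepped in that round, which is the kind of constraint on the secret key that the paper's post-processing exploits. Assumptions made here: toy parameters, a counter in place of random x sampling (for reproducibility), the fault modelled as a pure sign flip rather than the implementation-specific fault targets of the paper, and the names group_action, isogeny, ladder and disorientation_demo, which are mine.

```python
# Added example, not code from the paper or from any CSIDH implementation: a toy
# CSIDH-style action over F_419 (p = 4*3*5*7 - 1) with x-only Montgomery arithmetic,
# Costello-Hisil isogeny formulas and an optional disorientation fault.
from itertools import count
from math import prod

p = 419                        # prime, p = 3 mod 4, p + 1 = 4 * 3 * 5 * 7
ELLS = (3, 5, 7)               # the odd primes l_i dividing p + 1

def inv(a):
    return pow(a % p, p - 2, p)

def xdbl(P, A24):              # x-only doubling on E_A, A24 = (A + 2) / 4
    X, Z = P
    t0, t1 = (X + Z) ** 2 % p, (X - Z) ** 2 % p
    t2 = (t0 - t1) % p         # 4XZ
    return (t0 * t1 % p, t2 * (t1 + A24 * t2) % p)

def xadd(P, Q, D):             # x-only differential addition, D = x(P - Q)
    (XP, ZP), (XQ, ZQ), (XD, ZD) = P, Q, D
    a = (XP - ZP) * (XQ + ZQ) % p
    b = (XP + ZP) * (XQ - ZQ) % p
    return (ZD * (a + b) ** 2 % p, XD * (a - b) ** 2 % p)

def ladder(m, P, A):
    """Montgomery ladder: projective x([m]P); works for P on E_A or on its twist."""
    A24 = (A + 2) * inv(4) % p
    R0, R1 = (1, 0), P         # (1:0) is the point at infinity
    for bit in bin(m)[2:]:
        if bit == "0":
            R1, R0 = xadd(R0, R1, P), xdbl(R0, A24)
        else:
            R0, R1 = xadd(R0, R1, P), xdbl(R1, A24)
    return R0

def isogeny(A, K, ell, Q):
    """ell-isogeny from E_A with kernel <K> (Costello-Hisil, x-only).
    Returns the codomain coefficient A' and the image of Q."""
    d = (ell - 1) // 2
    mults = [K, xdbl(K, (A + 2) * inv(4) % p)]          # x([1]K), x([2]K), ...
    while len(mults) < d:
        mults.append(xadd(mults[-1], K, mults[-2]))
    xs = [M[0] * inv(M[1]) % p for M in mults[:d]]
    sigma, sigma_t, pi = sum(xs) % p, sum(inv(x) for x in xs) % p, prod(xs) % p
    A_new = (6 * sigma_t - 6 * sigma + A) * pi * pi % p
    XQ, ZQ = Q
    Xn, Zn = XQ, ZQ            # phi(x) = x * prod_i ((x*x_i - 1) / (x - x_i))^2
    for x in xs:
        Xn, Zn = Xn * pow(XQ * x - ZQ, 2, p) % p, Zn * pow(XQ - x * ZQ, 2, p) % p
    return A_new, (Xn, Zn)

def group_action(A, e, fault_round=None):
    """Evaluate prod l_i^{e_i} on E_A. Each round samples an x, uses the Legendre
    symbol of x^3 + A x^2 + x to decide whether the point is on E_A (+1) or its
    twist (-1), and steps once for every exponent of that sign. fault_round flips
    the symbol in that round. Returns (A', log), log[r] = (sign used, indices stepped)."""
    e, log = list(e), []
    samples = count(2)         # deterministic stand-in for random x (assumption, for reproducibility)
    while any(e):
        x = next(samples) % p
        v = (x * x * x + A * x * x + x) % p
        if v == 0:
            continue
        s = 1 if pow(v, (p - 1) // 2, p) == 1 else -1
        if len(log) + 1 == fault_round:
            s = -s             # the fault: the point is really on the other curve
        S = [i for i, ei in enumerate(e) if ei * s > 0]
        done = []
        log.append((s, done))
        if not S:
            continue
        k = prod(ELLS[i] for i in S)
        Q = ladder((p + 1) // k, (x, 1), A)            # order of Q divides k
        if Q[1] == 0:
            continue
        for i in S:
            R = ladder(k // ELLS[i], Q, A)             # order ELLS[i] or trivial
            if R[1] == 0:
                continue
            A, Q = isogeny(A, R, ELLS[i], Q)
            k //= ELLS[i]
            e[i] -= s
            done.append(i)
    return A, log

def disorientation_demo(e=(2, -1, 3), max_round=12):
    """Fault the first round in which the flipped symbol changes the computation.
    Returns (A_correct, A_faulty, A_predicted, affected): the faulty public key
    is the correct action of e with 2*s subtracted on the affected indices."""
    A_ok, _ = group_action(0, e)
    for r in range(1, max_round + 1):
        A_bad, log = group_action(0, e, fault_round=r)
        if r > len(log):
            break
        s, done = log[r - 1]
        if done:
            e_adj = [ei - 2 * s * (i in done) for i, ei in enumerate(e)]
            return A_ok, A_bad, group_action(0, e_adj)[0], done
    raise RuntimeError("no effective fault within max_round rounds")
```

disorientation_demo() returns (A_correct, A_faulty, A_predicted, affected) with A_faulty == A_predicted and A_faulty != A_correct: the faulty key is a genuine curve in the CSIDH orbit, just reached by the wrong ideal. An attacker who can compare faulty outputs against the honest public key therefore learns which exponents shared the sign the faulted round assumed, and collecting several such samples narrows the secret exponent vector, which is the post-processing step the abstract refers to.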

Item Type: Conference or Workshop Item
Published: 2023
Creators: Banegas, Gustavo ; Krämer, Juliane ; Lange, Tanja ; Meyer, Michael ; Panny, Lorenz ; Reijnders, Krijn ; Sotáková, Jana ; Trimoska, Monika
Type of entry: Bibliography
Title: Disorientation Faults in CSIDH
Language: English
Date: 16 April 2023
Publisher: Springer
Book Title: Advances in Cryptology - EUROCRYPT 2023
Series: Lecture Notes in Computer Science
Series Volume: 14008
Event Title: 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques
Event Location: Lyon, France
Event Dates: 23.04.2023-27.04.2023
DOI: 10.1007/978-3-031-30589-4_11
URL / URN: https://link.springer.com/chapter/10.1007/978-3-031-30589-4_...
Uncontrolled Keywords: Primitives, P1
Divisions: 20 Department of Computer Science
20 Department of Computer Science > QPC - Quantum and Physical attack resistant Cryptography
DFG-Collaborative Research Centres (incl. Transregio)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments
Date Deposited: 07 Aug 2023 09:56
Last Modified: 07 Aug 2023 14:22
PPN: 510423620