A Power Side-Channel Attack on the Reed-Muller Reed-Solomon Version of the HQC Cryptosystem

Cited by: 2
Authors
Schamberger, Thomas [1]
Holzbaur, Lukas [1]
Renner, Julian [1]
Wachter-Zeh, Antonia [1]
Sigl, Georg [1]
Affiliations
[1] Tech Univ Munich, Munich, Germany
Source
POST-QUANTUM CRYPTOGRAPHY (PQCRYPTO 2022) | 2022 / Vol. 13512
Funding
European Research Council;
Keywords
Error correction; HQC; Post-quantum cryptography; Power analysis; Side-channel analysis;
DOI
10.1007/978-3-031-17234-2_16
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
The code-based post-quantum algorithm Hamming Quasi-Cyclic (HQC) is a fourth-round candidate in the NIST standardization project. Since the third-round version, the authors use a new combination of error-correcting codes, namely a concatenation of a Reed-Muller and a Reed-Solomon code, which requires published attacks to be adapted. We identify that the power side-channel attack by Ueno et al. from CHES 2021 does not work in practice, because it overlooks the fact that the implemented Reed-Muller decoder does not have a fixed decoding boundary. In this work we provide a novel attack strategy that again allows for a successful attack. Our attack does not rely on simulation to verify its success; instead, its success is proven with high probability for the HQC parameter sets. In contrast to the timing side-channel attack by Guo et al., we are able to reduce the required attack queries by a factor of 12 and to eliminate the inherent uncertainty of their timing oracle. We show practical attack results utilizing a power side-channel of the Reed-Solomon decoder on an ARM Cortex-M4 microcontroller. In addition, we discuss how, or whether, our attack strategy is usable with the side-channel targets of the related work mentioned above. Finally, we use information set decoding to evaluate the remaining attack complexity for partially retrieved secret keys. This work again emphasizes the need for a side-channel secure implementation of all relevant building blocks of HQC.
Pages: 327 / 352
Page count: 26
Related papers
16 items in total
[1] Aguilar Melchor, C. (2020). Technical report.
[2] Albrecht, M.R. NIST POSTQUANTUM CRY
[3] [Anonymous] (1983). The Theory of Error-Correcting Codes.
[4] Baetu, C., Durak, F.B., Huguenin-Dumittan, L., Talayhan, A., Vaudenay, S. (2019). Misuse Attacks on Post-quantum Cryptosystems. Advances in Cryptology - EUROCRYPT 2019, Part II, vol. 11477, pp. 747-776.
[5] Guo, Q. (2022). IACR Trans. Cryptogr. Hardw. Embed. Syst., vol. 2022, p. 223. DOI 10.46586/TCHES.V2022.I3.223-263.
[6] Horlemann, A.-L., Puchinger, S., Renner, J., Schamberger, T., Wachter-Zeh, A. (2022). Information-Set Decoding with Hints. Code-Based Cryptography (CBCrypto 2021), vol. 13150, pp. 60-83.
[7] Kannwischer, M.J. pqm4 - Post-quantum crypto library for the ARM Cortex-M4.
[8] Moody, D. (2022). Status Report on the Third Round of the NIST Post-Quantum Cryptography Standardization Process. DOI 10.6028/NIST.IR.8413.
[9] Paiva, T.B., Terada, R. (2020). A Timing Attack on the HQC Encryption Scheme. Selected Areas in Cryptography - SAC 2019, vol. 11959, pp. 551-573.
[10] Renner, J. (2022). Thesis, TU München.