http://dx.doi.org/10.13089/JKIISC.2018.28.5.1099

Single Trace Analysis against HyMES by Exploitation of Joint Distributions of Leakages  

Park, ByeongGyu (Korea University)
Kim, Suhri (Korea University)
Kim, Hanbit (Korea University)
Jin, Sunghyun (Korea University)
Kim, HeeSeok (Korea University)
Hong, Seokhie (Korea University)
Abstract
The field of post-quantum cryptography (PQC) is an active area of research as cryptographers look for public-key cryptosystems that can resist quantum adversaries. Among the categories in PQC, code-based cryptosystems provide high security along with efficiency. Recent work on code-based cryptosystems focuses on side-channel-resistant implementation, since previous work has indicated possible side-channel vulnerabilities in existing algorithms. In this paper, we recover the secret key of HyMES (Hybrid McEliece Scheme) using a single power consumption trace. HyMES is a variant of the McEliece cryptosystem that provides smaller keys and faster encryption and decryption. During decryption, the algorithm computes the parity-check matrix, which is required for computing the syndrome. We analyze HyMES using the fact that the joint distributions of the nonlinear functions used in this process depend on the secret key. To the best of our knowledge, we are the first to propose a side-channel analysis based on the joint distributions of leakages against a public-key cryptosystem.
Keywords
HyMES; McEliece; Code based cryptosystem; Side-channel analysis; Joint distribution;