Christine van Vredendaal scite author profile

Christine van Vredendaal

5Publications

78Citation Statements Received

125Citation Statements Given

How they've been cited

163

How they cite others

124

Affiliations

NXP (Germany), Eindhoven University of Technology, NXP (Netherlands)

Publications

Order By: Most citations

How to Manipulate Curve Standards: A White Paper for the Black Hat http://bada55.cr.yp.to

Bernstein¹,

Chou²,

Chuengsatiansup³

et al. 2015

View full text Add to dashboard Cite

This paper analyzes the cost of breaking ECC under the following assumptions: (1) ECC is using a standardized elliptic curve that was actually chosen by an attacker; (2) the attacker is aware of a vulnerability in some curves that are not publicly known to be vulnerable. This cost includes the cost of exploiting the vulnerability, but also the initial cost of computing a curve suitable for sabotaging the standard. This initial cost depends heavily upon the acceptability criteria used by the public to decide whether to allow a curve as a standard, and (in most cases) also upon the chance of a curve being vulnerable.This paper shows the importance of accurately modeling the actual acceptability criteria: i.e., figuring out what the public can be fooled into accepting. For example, this paper shows that plausible models of the "Brainpool acceptability criteria" allow the attacker to target a one-in-a-million vulnerability and that plausible models of the "Microsoft NUMS criteria" allow the attacker to target a one-in-a-hundred-thousand vulnerability.

show abstract

Sliding Right into Disaster: Left-to-Right Sliding Windows Leak

Bernstein

Breitner

Genkin

et al. 2017

View full text Add to dashboard Cite

DOI to the publisher's website. • The final author version and the galley proof are versions of the publication after peer review. • The final published version features the final layout of the paper including the volume, issue and page numbers. Link to publication General rights Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. • Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commercial gain • You may freely distribute the URL identifying the publication in the public portal. If the publication is distributed under the terms of Article 25fa of the Dutch Copyright Act, indicated by the "Taverne" license above, please follow below link for the End User Agreement:

show abstract

Chosen Ciphertext k-Trace Attacks on Masked CCA2 Secure Kyber

Hamburg

Hermelink

Primas

et al. 2021

TCHES

View full text Add to dashboard Cite

Single-trace attacks are a considerable threat to implementations of classic public-key schemes, and their implications on newer lattice-based schemes are still not well understood. Two recent works have presented successful single-trace attacks targeting the Number Theoretic Transform (NTT), which is at the heart of many lattice-based schemes. However, these attacks either require a quite powerful side-channel adversary or are restricted to specific scenarios such as the encryption of ephemeral secrets. It is still an open question if such attacks can be performed by simpler adversaries while targeting more common public-key scenarios. In this paper, we answer this question positively. First, we present a method for crafting ring/module-LWE ciphertexts that result in sparse polynomials at the input of inverse NTT computations, independent of the used private key. We then demonstrate how this sparseness can be incorporated into a side-channel attack, thereby significantly improving noise resistance of the attack compared to previous works. The effectiveness of our attack is shown on the use-case of CCA2 secure Kyber k-module-LWE, where k ∈ {2, 3, 4}. Our k-trace attack on the long-term secret can handle noise up to a σ ≤ 1.2 in the noisy Hamming weight leakage model, also for masked implementations. A 2k-trace variant for Kyber1024 even allows noise σ ≤ 2.2 also in the masked case, with more traces allowing us to recover keys up to σ ≤ 2.7. Single-trace attack variants have a noise tolerance depending on the Kyber parameter set, ranging from σ ≤ 0.5 to σ ≤ 0.7. As a comparison, similar previous attacks in the masked setting were only successful with σ ≤ 0.5.

show abstract

A Hybrid Lattice Basis Reduction and Quantum Search Attack on LWE

Göpfert

Vredendaal

Wunderer

2017

View full text Add to dashboard Cite

Fast multiquadratic S-unit computation and application to the calculation of class groups

Biasse

Vredendaal

2019

Open Book Series

View full text Add to dashboard Cite

√ d n) be a real multiquadratic field and S be a set of prime ideals of L. In this paper, we present a heuristic algorithm for the computation of the S-class group and the S-unit group that runs in time Poly(log(), Size(S))e O(√ ln d) where d = i≤n d i and is the discriminant of L. We use this method to compute the ideal class group of the maximal order O L of L in time Poly(log())e O(√ log d). When log(d) ≤ log(log()) c for some constant c < 2, these methods run in polynomial time. We implemented our algorithm using Sage 7.5.1.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.