Cold Boot Attacks on the Supersingular Isogeny Key Encapsulation (SIKE) Mechanism

Villanueva-Polanco, Ricardo; Angulo-Madrid, Eduardo

doi:10.3390/app11010193

Cited by 9 publications

(4 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This problem has been addressed previously in the side-channel analysis literature, with a variety of different algorithms able to solve this problem and the related problem known as the key-rank estimation [43][44][45][46][47][48][49][50][51][52][53][54][55][56][57]. We remark that each method of enumerating the full key candidates defines a new variant of the key-enumeration problem [42] and that these variants arise in many cryptographic contexts [58][59][60][61][62][63].…”

Section: Key Enumeration and Key Rank Estimation Problemmentioning

confidence: 99%

Password Guessability as a Service (PGaaS)

et al. 2022

Self Cite

View full text Add to dashboard Cite

This paper presents an adaptable password guessability service suited for different password generators according to what a user might need when using such a service. In particular, we introduce a flexible cloud-based software architecture engineered to provide an efficient and robust password guessability service that benefits from all the features and goals expected from cloud applications. This architecture comprises several components, featuring the combination of a synthetic dataset generator realized via a generative adversarial network (GAN), which may learn the distribution of passwords from a given dictionary and generate high-quality password guesses, along with a password guessability estimator realized via a password strength estimation algorithm. In addition to detailing the architecture’s components, we run a performance evaluation on the architecture’s key components, obtaining promising results. Finally, the complete application is delivered and may be used by a user to estimate the strength of a password and the time taken by an average computer to enumerate it.

show abstract

Section: Key Enumeration and Key Rank Estimation Problemmentioning

confidence: 99%

Password Guessability as a Service (PGaaS)

et al. 2022

Self Cite

View full text Add to dashboard Cite

show abstract

“…Additionally, these ideas are applied to tackle the key-recovery problem for toy parameters of Rainbow and McEliece Public-Key Encryption [44]. Another recent paper [47] extends these ideas to successfully key-recovery Supersingular Isogeny Key Encapsulation (SIKE) Mechanism private keys. Furthermore, Albrecht et al [4] explore cold boot attacks on post-quantum cryptographic schemes based on the ring-and module-variants of the Learning with Errors (LWE) problem.…”

Section: Post-quantum Settingmentioning

confidence: 99%

“…Throughout this section, we present a key-recovery method that combines key enumeration algorithms and Grover's algorithm. The first version of this set of algorithms is introduced in [33] in the context of side-channel attacks and recently has been adjusted to be used in the cold boot attack setting on the Supersingular Isogeny Key Encapsulation (SIKE) Mechanism [47].…”

Section: Our Key-recovery Algorithmmentioning

confidence: 99%

On recovering block cipher secret keys in the cold boot attack setting

Banegas¹,

Villanueva-Polanco²

2022

Preprint

Self Cite

View full text Add to dashboard Cite

This paper presents a general strategy to recover a block cipher secret key in the cold boot attack setting. More precisely, we propose a keyrecovery method that combines key enumeration algorithms and Grover's quantum algorithm to recover a block cipher secret key after an attacker has procured a noisy version of it via a cold boot attack. We also show how to implement the quantum component of our algorithm for several block ciphers such as AES, PRESENT and GIFT, and LowMC. Additionally, since evaluating the third-round post-quantum candidates of the National Institute of Standards and Technology (NIST) post-quantum standardization process against different attack vectors is of great importance for their overall assessment, we show the feasibility of performing our hybrid attack on Picnic, a post-quantum signature algorithm being an alternate candidate in the NIST post-quantum standardization competition. According to our results, our method may recover the Picnic private key for all Picnic parameter sets, tolerating up to 40% of noise for some of the parameter sets. Furthermore, we provide a detailed analysis of our method by giving the cost of its resources, its running time, and its success rate for various enumerations.

show abstract

“…A study by Villanueva-Polanco and Angulo-Madrid pointed out that a cold start is when a new entity that has never been evaluated is added to the system and its associated data is extremely scarce. In addition, when a newly registered user joins the system, the user's data is extremely lacking, and it is also impossible to recommend [6]. Karacan et al proposed and applied a novel overlapping method that employs overlapping techniques as a tool to deal with the shortcomings of clustering techniques.…”

Section: Introductionmentioning

confidence: 99%

Tourist Attraction Recommendation Method Based on Megadata and Artificial Intelligence Algorithm

Yun¹,

Jiao

2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

As China’s economy continues to grow of informational technology and mobile Internet industry, the online tourism industry has received more and more extensive attention and use. However, as an emerging industry, users often need to spend a lot of time to choose travel services that match their needs because of the complex amount of relevant information. Under such circumstances, this paper studied the recommendation method in travel platform. First, the big data is used to extract user data. Secondly, the current online travel business recommendation for users has the problem of low accuracy. The reason is that the services provided are still in traditional recommendation algorithm. In this paper, the Bayesian network is used to evaluate the user’s attribute preference and generate a data model, using effective methods in artificial intelligence algorithms to improve collaborative filtering algorithms and finally generate hybrid recommendation algorithms. Compared with the traditional recommendation method, the experimental results showed that the research can improve the recommendation accuracy of tourist attractions by 6.55%, increase the user’s satisfaction for the platform, and enhance the visit rate and retention rate of the tourist attraction recommendation platform.

show abstract

Cold Boot Attacks on the Supersingular Isogeny Key Encapsulation (SIKE) Mechanism

Cited by 9 publications

References 41 publications

Password Guessability as a Service (PGaaS)

Password Guessability as a Service (PGaaS)

On recovering block cipher secret keys in the cold boot attack setting

Tourist Attraction Recommendation Method Based on Megadata and Artificial Intelligence Algorithm

Contact Info

Product

Resources

About