2016 26th International Conference Radioelektronika (RADIOELEKTRONIKA)
DOI: 10.1109/radioelek.2016.7477382

Differential power analysis attack on the secure bit permutation in the McEliece cryptosystem

Abstract: The field of post-quantum cryptography is gaining importance as quantum computing improves. Post-quantum cryptographic algorithms have been proposed since the 1970s. However, the side-channel vulnerabilities of these algorithms remain a focus of recent research. In this paper, we present a differential power analysis attack on the McEliece public-key cryptosystem. We demonstrate that part of the private key, the permutation matrix, can be recovered using power analysis. We attac…

Cited by 12 publications (5 citation statements)
References 13 publications
“…In this paper, we focus on algorithms as in Table IV called iterative conditional branching. It appears in algorithms like square-and-multiply for the modular exponentiation, its counterpart double-and-add for elliptic curve point multiplication [21], [22], or the secure bit permutation in the McEliece cryptosystem [23] attacked in [24]. It also appears naturally (Table V) when trying to turn a loop on the secret into a conditional branching depending on the secret, that can itself be balanced to remove or reduce the dependency on the secret.…”
Section: A. Iterative Conditional Branching (citation type: mentioning)
confidence: 99%
“…[Richmond et al 2015] Experimental analysis of matrix multiplication implemented on ARM Cortex-M3 which is required for permutation matrix recovery in syndrome computation. DPA [Petrvalsky et al 2016] Experimental recovery of 64 by 64 permutation matrix from the ARM Cortex-M3.…”
Section: [Von Maurich and Güneysu 2014] (citation type: mentioning)
confidence: 99%
“…OTA [Huang et al 2020] The syndrome was thought to be the variable needed to be attacked, but ciphertext only directs how the syndrome is computed for the parity check matrix and does not contain the ciphertext in it. DPA attack on code-based scheme classical McEliece from [Petrvalsky et al 2016] is launched on bit permutation of ciphertext. HW model is applied to individual bits of leakage model.…”
Section: NTRU Prime (citation type: mentioning)
confidence: 99%
“…Heyse et al performed a simple power analysis (SPA) attack against software implementations of the original McEliece algorithm [17]. In [33] Our attack also includes solving a learning parity with noise (LPN) problem. We set up and solve a system of noisy binary linear equations to complete the key recovery.…”
Section: QC-MDPC (citation type: mentioning)
confidence: 99%