Lattice Attacks Against Elliptic-Curve Signatures with Blinded Scalar Multiplication

Goudarzi, Dahmun; Rivain, Matthieu; Vergnaud, Damien

doi:10.1007/978-3-319-69453-5_7

Cited by 6 publications

(4 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since then, the HNP was used in many attacks against biased or leaked nonces in (EC)DSA, often utilizing side channels such as timing [ABuH Other attacks utilizing the HNP include using information about nonce distribution [BH19] or fault injection in the case of the SM2 signature algorithm [LCL13]. There have also been some theoretical extensions [FGR12;GRV16;HR06]. Finally, a very different approach was taken by Mulder et al [MHM + 13], where lattice reduction is used just as a processing step, and the core of the method lies in the Fast Fourier Transform.…”

Section: Related Workmentioning

confidence: 99%

Minerva: The curse of ECDSA nonces

Jančár

Sedláček

Švenda

et al. 2020

TCHES

View full text Add to dashboard Cite

We present our discovery of a group of side-channel vulnerabilities in implementations of the ECDSA signature algorithm in a widely used Atmel AT90SC FIPS 140-2 certified smartcard chip and five cryptographic libraries (libgcrypt, wolfSSL, MatrixSSL, SunEC/OpenJDK/Oracle JDK, Crypto++). Vulnerable implementations leak the bit-length of the scalar used in scalar multiplication via timing. Using leaked bit-length, we mount a lattice attack on a 256-bit curve, after observing enough signing operations. We propose two new methods to recover the full private key requiring just 500 signatures for simulated leakage data, 1200 for real cryptographic library data, and 2100 for smartcard data. The number of signatures needed for a successful attack depends on the chosen method and its parameters as well as on the noise profile, influenced by the type of leakage and used computation platform. We use the set of vulnerabilities reported in this paper, together with the recently published TPM-FAIL vulnerability [MSE+20] as a basis for real-world benchmark datasets to systematically compare our newly proposed methods and all previously published applicable lattice-based key recovery methods. The resulting exhaustive comparison highlights the methods’ sensitivity to its proper parametrization and demonstrates that our methods are more efficient in most cases. For the TPM-FAIL dataset, we decreased the number of required signatures from approximately 40 000 to mere 900.

show abstract

Section: Related Workmentioning

confidence: 99%

Minerva: The curse of ECDSA nonces

Jančár

Sedláček

Švenda

et al. 2020

TCHES

View full text Add to dashboard Cite

show abstract

“…In [13], Coron proposed notably to randomize the exponent and the projective coordinates of the base point. It is an interesting question to extend our attacks in such setting (as it was done recently for ECDSA in [15]). It is also interesting to study the security against side-channel attacks of the pairing-based signatures whose design does not rely on the exponent inversion framework (i.e.…”

Section: Conclusion and Open Questionsmentioning

confidence: 99%

Lattice attacks on pairing-based signatures

Mefenza,

Vergnaud

2023

Information Security Journal: A Global Perspective

Self Cite

View full text Add to dashboard Cite

Practical implementations of cryptosystems often suffer from critical information leakage through side-channels (such as their power consumption or their electromagnetic emanations). For public-key cryptography on embedded systems, the core operation is usually group exponentiation -or scalar multiplication on elliptic curves -which is a sequence of group operations derived from the private-key that may reveal secret bits to an attacker (on an unprotected implementation). We present lattice-based polynomial-time (heuristic) algorithms that recover the signer's secret in popular pairing-based signatures when used to sign several messages under the assumption that blocks of consecutive bits of the corresponding exponents are known by the attacker. Our techniques relies upon Coppersmith method and apply to all signatures in the so-called exponent-inversion framework in the standard security model (i.e. Boneh-Boyen and Gentry signatures) as well as in the random oracle model (i.e. Sakai-Kasahara signatures).

show abstract

“…In such a context, the adversary has no choice but to rely on single-trace attacks which exploit a single leakage trace to infer significant information on the (randomized) scalar. Note that partial information on randomized scalars might still be exploitable, either in the fixed scalar case [SI11,RIL19] or in the nonce scalar case [GRV16], but this partial information must still be significant to retrieve the original scalar (or to break the underlying scheme in the nonce scenario). Several attack techniques exist which aim at making the most of a single leakage trace to fully recover the (randomized) scalar, or at least a significant part of it.…”

Section: Advanced Single-trace Side-channel Attacksmentioning

confidence: 99%

High Order Side-Channel Security for Elliptic-Curve Implementations

Belaïd

Rivain

2022

TCHES

View full text Add to dashboard Cite

Elliptic-curve implementations protected with state-of-the-art countermeasures against side-channel attacks might still be vulnerable to advanced attacks that recover secret information from a single leakage trace. The effectiveness of these attacks is boosted by the emergence of deep learning techniques for side-channel analysis which relax the control or knowledge an adversary must have on the target implementation. In this paper, we provide generic countermeasures to withstand these attacks for a wide range of regular elliptic-curve implementations. We first introduce a framework to formally model a regular algebraic program which consists of a sequence of algebraic operations indexed by key-dependent values. We then introduce a generic countermeasure to protect these types of programs against advanced single-trace side-channel attacks. Our scheme achieves provable security in the noisy leakage model under a formal assumption on the leakage of randomized variables. To demonstrate the applicability of our solution, we provide concrete examples on several widely deployed scalar multiplication algorithms and report some benchmarks for a protected implementation on a smart card.

show abstract

Lattice Attacks Against Elliptic-Curve Signatures with Blinded Scalar Multiplication

Cited by 6 publications

References 30 publications

Minerva: The curse of ECDSA nonces

Minerva: The curse of ECDSA nonces

Lattice attacks on pairing-based signatures

High Order Side-Channel Security for Elliptic-Curve Implementations

Contact Info

Product

Resources

About