Abstract

This research paper evaluates the feasibility of cold boot attacks on the Supersingular Isogeny Key Encapsulation (SIKE) mechanism. This key encapsulation mechanism has been included in the list of alternate candidates of the third round of the National Institute of Standards and Technology (NIST) Post-Quantum Cryptography Standardization Process. To the best of our knowledge, this is the first time this scheme is assessed in the cold boot attacks setting. In particular, our evaluation is focused on the reference implementation of this scheme. Furthermore, we present a dedicated key-recovery algorithm for SIKE in this setting and show that the key recovery algorithm works for all the parameter sets recommended for this scheme. Moreover, we compute the success rates of our key recovery algorithm through simulations and show the key recovery algorithm may reconstruct the SIKE secret key for any SIKE parameters for a fixed and small α=0.001 (the probability of a 0 to 1 bit-flipping) and varying values for β (the probability of a 1 to 0 bit-flipping) in the set {0.001,0.01,…,0.1}. Additionally, we show how to integrate a quantum key enumeration algorithm with our key-recovery algorithm to improve its overall performance.

Highlights

  • This research paper assesses the viability of cold boot attacks on the Supersingular Isogeny Key Encapsulation (SIKE) Mechanism [1], which is built upon a key-exchange construction known as Supersingular Isogeny Diffie–Hellman (SIDH) [2]

  • This research paper addressed the question of the viability of cold boot attacks on Supersingular Isogeny Key Encapsulation (SIKE)


Summary

Introduction

This research paper assesses the viability of cold boot attacks on the Supersingular Isogeny Key Encapsulation (SIKE) Mechanism. To evaluate a public key scheme in this setting, we assume that the attacker procures memory content from a memory region in which the scheme's secret key was stored, and that the adversary obtains a noisy version of it. In possession of this noisy memory content, the adversary's main task is to recover the original secret key from its bit-flipped version. The evaluation of a public key encryption scheme in this setting entails three main tasks: (1) the attacker is required to learn the in-memory representations of the scheme's secret key, i.e., the data structures that are used to store the scheme's secret key, (2) the attacker is required to estimate error probability distributions for the bit-flipping, and (3) the attacker is required to devise and develop a key-recovery algorithm for the scheme's secret key.
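An added illustration (not code from the paper or from the SIKE reference implementation) of the bit-flip model that the abstract parameterises with α and β: it decays a constructed bit string and ranks the candidate values of one chunk by likelihood. The chunk width `w`, the 256-bit stand-in key and all function names are assumptions, and the ranking is a generic maximum-likelihood score, not the paper's dedicated key-recovery algorithm.

```python
import math
import random

def decay(bits, alpha, beta, rng):
    """Asymmetric bit-flip channel: 0->1 with prob. alpha, 1->0 with prob. beta."""
    return [b ^ (rng.random() < (beta if b else alpha)) for b in bits]

def log_likelihood(candidate, noisy, alpha, beta):
    """log P(noisy | candidate), assuming each bit flips independently."""
    prob = {(0, 0): 1 - alpha, (0, 1): alpha, (1, 1): 1 - beta, (1, 0): beta}
    return sum(math.log(prob[(c, n)]) for c, n in zip(candidate, noisy))

def rank_chunk(noisy_chunk, alpha, beta):
    """All 2^w candidate values for a w-bit chunk, most likely first."""
    w = len(noisy_chunk)
    cands = [[(v >> (w - 1 - i)) & 1 for i in range(w)] for v in range(1 << w)]
    return sorted(cands, key=lambda c: log_likelihood(c, noisy_chunk, alpha, beta),
                  reverse=True)

def true_value_rank(true_chunk, noisy_chunk, alpha, beta):
    """Position of the real chunk in the ranking (0 = top guess)."""
    return rank_chunk(noisy_chunk, alpha, beta).index(list(true_chunk))

if __name__ == "__main__":
    rng = random.Random(1)            # fixed seed: constructed sample data
    alpha, w = 0.001, 8               # alpha as in the abstract; w is an assumption
    key = [rng.getrandbits(1) for _ in range(256)]  # constructed stand-in key bits
    for beta in (0.001, 0.01, 0.1):   # three values from the abstract's range
        noisy = decay(key, alpha, beta, rng)
        ranks = [true_value_rank(key[i:i + w], noisy[i:i + w], alpha, beta)
                 for i in range(0, len(key), w)]
        flipped = sum(k != n for k, n in zip(key, noisy))
        print(f"beta={beta}: {flipped} flipped bits, worst chunk rank {max(ranks)}")
```

Because β exceeds α, an observed 0 is far more likely to be a decayed 1 than an observed 1 is to be a flipped 0, so the ranking tries restoring 0 bits to 1 first.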

Background
Cold Boot Attacks
Cold Boot Attack Model
Previous Work
RSA Setting
Discrete Logarithm Setting
Symmetric Key Setting
Post-Quantum Setting
General Strategy to Key Recovery
Supersingular Isogeny Key Encapsulation Mechanism
The Finite Field $\mathbb{F}_{p^2}$
Montgomery Curves
Isogenies
Public Parameters
Secret Keys
Isogeny Algorithms
The Reference Implementation
Assumptions
Our Key-Recovery Algorithm
Performance and Success Rates of Our Key-Recovery Algorithm
Figures Test
Success
Discussion
Results
Integrating a Quantum Key Search Algorithm with Our Key-Recovery Approach
Conclusions