Abstract
Beginning with the proposal of the McEliece cryptosystem in 1978, code-based cryptography has positioned itself as one of main categories in post-quantum cryptography (PQC). To date, the algebraic security of certain variants of McEliece cryptosystems has been challenged many times, although some of the variants have remained secure. However, recent studies on code-based cryptography have focused on the side-channel resistance since previous studies have indicated that the existing algorithms were vulnerable to side-channel analysis. In this paper, we propose the first side-channel attack on the Hybrid McEliece Scheme (HyMES) using only a single power consumption trace. HyMES is a variant of the McEliece system that provides smaller keys, along with faster encryption and decryption speed. By exploiting joint distributions of nonlinear functions in the decryption process, we were able to recover the private key of HyMES. To the best of our knowledge, this is the first work proposing a side-channel analysis based on a joint distribution of the leakages on the public-key system.
Highlights
Main public-key cryptosystems in use (such as Rivest–Shamir–Adleman (RSA) and elliptic-curve cryptography (ECC)) are based on the difficulty of number theoretic problems. For example, RSA is based on the difficulty of factoring large numbers, while ECC is based on the difficulty of solving discrete logarithm problems on elliptic curves.
We propose the first side-channel analysis on Hybrid McEliece Scheme (HyMES) using the joint distributions of leakages
We introduce the basic concepts in code-based cryptography and structures of HyMES
Summary
Main public-key cryptosystems in use (such as Rivest–Shamir–Adleman (RSA) and elliptic-curve cryptography (ECC)) are based on the difficulty of number theoretic problems. The public key size of McEliece based on the Goppa code is about 437 KB for 80-bit security [5]. The side-channel analysis proposed by Kocher et al. is an attack based on information gained from the implementation rather than from the algorithm itself [10,11]. In 2010, Heyse et al. proposed the SPA (Simple Power Analysis) on McEliece [9]. Their attack involved analyzing the power consumption trace obtained during the decoding process. We present our proposed side-channel analysis on HyMES using a single power consumption trace. The proposed method only uses one power consumption trace, and it is the first joint-distribution-based analysis for public-key cryptography.