Fault Attacks on CCA-Secure Lattice KEMs
Offered By: TheIACR via YouTube
Course Description
Overview
Explore fault attacks on CCA-secure lattice-based Key Encapsulation Mechanisms (KEMs) in this 45-minute talk by Peter Pessl at the Workshop on Attacks in Cryptography, held in conjunction with Crypto 2021. Delve into the implementation security of lattice KEMs, focusing on Kyber and Saber. Examine the LPR encryption scheme, Fujisaki-Okamoto transformation, and the process of attacking an FO-KEM. Investigate effective and ineffective faults in the decoder, with a specific look at Kyber's decoding routine. Learn about extracting information through faulting the decoder, gathering inequalities, and solving for the key. Conclude with a discussion on potential countermeasures against these attacks.
Syllabus
Intro
What's that all about?
Status: Implementation Security of Lattice KEM
Kyber, Saber: High-Level Similarities
Our Attack
The LPR Encryption Scheme: Noisy ElGamal
Correctness and Decoding
Fujisaki-Okamoto: CPA PKE
Attacking an FO-KEM
Effective vs. Inflective Faults
(In)Effective Faults in the Decoder
Kyber's Decoding Routine
Faulting the Decoder
Extracting Information
Gathering Inequalities
Solving for the key
Solving Approach
Countermeasures?
Taught by
TheIACR
Related Courses
Lattices, Post-Quantum Security and Homomorphic EncryptionSimons Institute via YouTube The Learning With Errors Problem and Cryptographic Applications
Simons Institute via YouTube Lattice-Based Cryptography
TheIACR via YouTube Lattice-Based Cryptography
TheIACR via YouTube Lattice Based Cryptography
TheIACR via YouTube