Fault Attacks on CCA-Secure Lattice KEMs
Offered By: TheIACR via YouTube
Course Description
Overview
Explore fault attacks on CCA-secure lattice-based Key Encapsulation Mechanisms (KEMs) in this 45-minute talk by Peter Pessl at the Workshop on Attacks in Cryptography, held in conjunction with Crypto 2021. Delve into the implementation security of lattice KEMs, focusing on Kyber and Saber. Examine the LPR encryption scheme, Fujisaki-Okamoto transformation, and the process of attacking an FO-KEM. Investigate effective and ineffective faults in the decoder, with a specific look at Kyber's decoding routine. Learn about extracting information through faulting the decoder, gathering inequalities, and solving for the key. Conclude with a discussion on potential countermeasures against these attacks.
Syllabus
Intro
What's that all about?
Status: Implementation Security of Lattice KEM
Kyber, Saber: High-Level Similarities
Our Attack
The LPR Encryption Scheme: Noisy ElGamal
Correctness and Decoding
Fujisaki-Okamoto: CPA PKE
Attacking an FO-KEM
Effective vs. Inflective Faults
(In)Effective Faults in the Decoder
Kyber's Decoding Routine
Faulting the Decoder
Extracting Information
Gathering Inequalities
Solving for the key
Solving Approach
Countermeasures?
Taught by
TheIACR
Related Courses
Side Channel Security – Transient Execution and Fault AttacksGraz University of Technology via edX Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations
Graz University of Technology via edX Security of Edge AI Against Hardware Attacks
tinyML via YouTube Security of Hedged Fiat-Shamir Signatures under Fault Attacks
TheIACR via YouTube Fault Template Attacks on Block Ciphers Exploiting Fault Propagation
TheIACR via YouTube