Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend P...Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend PC oracle based side-channel attacks to the second-order scenario and successfully conduct key-recovery attacks on the first-order masked Kyber.Firstly,we analyze the potential joint information leakage.Inspired by the binary PC oracle based attack proposed by Qin et al.at Asiacrypt 2021,we identify the 1-bit leakage scenario in the masked Keccak implementation.Moreover,we modify the ciphertexts construction described by Tanaka et al.at CHES 2023,extending the leakage scenario from 1-bit to 32-bit.With the assistance of TVLA,we validate these leakages through experiments.Secondly,for these two scenarios,we construct a binary PC oracle based on t-test and a multiple-valued PC oracle based on neural networks.Furthermore,we conduct practical side-channel attacks on masked Kyber by utilizing our oracles,with the implementation running on an ARM Cortex-M4 microcontroller.The demonstrated attacks require a minimum of 15788 and 648 traces to fully recover the key of Kyber768 in the 1-bit leakage scenario and the 32-bit leakage scenario,respectively.Our analysis may also be extended to attack other post-quantum schemes that use the same masked hash function.Finally,we apply the shuffling strategy to the first-order masked imple-mentation of the Kyber and perform leakage tests.Experimental results show that the combination strategy of shuffling and masking can effectively resist our proposed attacks.展开更多
微架构侧信道攻击(microarchitectural side channel attack)是一种利用处理器微架构状态开展侧信道攻击的方式.它打破了操作系统及其他软件层面提供的隔离手段,严重威胁了用户的信息安全,受到了学术界的广泛关注.与其他传统侧信道攻击...微架构侧信道攻击(microarchitectural side channel attack)是一种利用处理器微架构状态开展侧信道攻击的方式.它打破了操作系统及其他软件层面提供的隔离手段,严重威胁了用户的信息安全,受到了学术界的广泛关注.与其他传统侧信道攻击不同,微架构侧信道攻击不需要攻击者与被攻击对象存在物理接触,也不需要复杂的分析设备,它只需要能够与受害者在同一环境中执行代码就可以完成攻击.基于缓存的侧信道攻击(cache-based side channel attack)利用处理器中广泛存在的缓存(cache)结构,所以这种攻击方式最有吸引力,研究也最为深入.首先总结了微架构侧信道攻击尤其是缓存侧信道攻击相关的硬件架构,之后从攻击者能力、攻击步骤以及攻击目标对攻击模型进行讨论,并根据攻击模型对现有的防御措施进行分类和比较,重点介绍了新型安全缓存架构及其设计方案,最后讨论了现有防御措施面临的挑战以及未来的研究方向.展开更多
基金National Natural Science Foundation of China(62472397)Innovation Program for Quantum Science and Technology(2021ZD0302902)。
文摘Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend PC oracle based side-channel attacks to the second-order scenario and successfully conduct key-recovery attacks on the first-order masked Kyber.Firstly,we analyze the potential joint information leakage.Inspired by the binary PC oracle based attack proposed by Qin et al.at Asiacrypt 2021,we identify the 1-bit leakage scenario in the masked Keccak implementation.Moreover,we modify the ciphertexts construction described by Tanaka et al.at CHES 2023,extending the leakage scenario from 1-bit to 32-bit.With the assistance of TVLA,we validate these leakages through experiments.Secondly,for these two scenarios,we construct a binary PC oracle based on t-test and a multiple-valued PC oracle based on neural networks.Furthermore,we conduct practical side-channel attacks on masked Kyber by utilizing our oracles,with the implementation running on an ARM Cortex-M4 microcontroller.The demonstrated attacks require a minimum of 15788 and 648 traces to fully recover the key of Kyber768 in the 1-bit leakage scenario and the 32-bit leakage scenario,respectively.Our analysis may also be extended to attack other post-quantum schemes that use the same masked hash function.Finally,we apply the shuffling strategy to the first-order masked imple-mentation of the Kyber and perform leakage tests.Experimental results show that the combination strategy of shuffling and masking can effectively resist our proposed attacks.
文摘微架构侧信道攻击(microarchitectural side channel attack)是一种利用处理器微架构状态开展侧信道攻击的方式.它打破了操作系统及其他软件层面提供的隔离手段,严重威胁了用户的信息安全,受到了学术界的广泛关注.与其他传统侧信道攻击不同,微架构侧信道攻击不需要攻击者与被攻击对象存在物理接触,也不需要复杂的分析设备,它只需要能够与受害者在同一环境中执行代码就可以完成攻击.基于缓存的侧信道攻击(cache-based side channel attack)利用处理器中广泛存在的缓存(cache)结构,所以这种攻击方式最有吸引力,研究也最为深入.首先总结了微架构侧信道攻击尤其是缓存侧信道攻击相关的硬件架构,之后从攻击者能力、攻击步骤以及攻击目标对攻击模型进行讨论,并根据攻击模型对现有的防御措施进行分类和比较,重点介绍了新型安全缓存架构及其设计方案,最后讨论了现有防御措施面临的挑战以及未来的研究方向.