Abstract | ||
---|---|---|
Analyzing the security of cryptosystems under attacks based on the malicious modification of memory registers is a research topic of high importance. This type of attack may affect the randomness of the secret parameters by forcing a limited number of bits to a certain value which can be unknown to the attacker. In this context, we revisit the attack on DSA presented by Faugère, Goyet and Renault during the conference SAC 2012: we modify their method and provide a probabilistic approach in opposition to the heuristic proposed therein to measure the limits of the attack. More precisely, the main problem is formulated as a closest vector problem in a lattice, then we study the distribution of vectors with bounded norm in the lattices involved and apply the result to predict the attack behavior. The benefits of this approach are several: The probability of success of this attack can be lower bounded under some conjecture, which is validated by computational experiments. Also, it finds applications to the FLUSH+RELOAD side-channel attack, studied by van de Pol et al. At the end of the article, there is a summary of findings. |
Year | Venue | Keywords |
---|---|---|
2017 | Designs, Codes and Cryptography | DSA, Lattices, Closest vector problem, Exponential sums, 11T71, 11T23, 11H06, 11Y16 |
Field | DocType | Volume |
Heuristic,Lattice (order),Computer science,Cryptosystem,Theoretical computer science,Probabilistic analysis of algorithms,Probabilistic logic,Bounded function,Randomness | Journal | abs/1712.09829 |
Citations | PageRank | References |
0 | 0.34 | 6 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Domingo Gomez-perez | 1 | 61 | 10.22 |
Guénaël Renault | 2 | 111 | 11.76 |