A practical key-recovery attack on LWE-based key-encapsulation mechanism schemes using Rowhammer
arXiv (Cornell University)(2023)
摘要
Physical attacks are serious threats to cryptosystems deployed in the real
world. In this work, we propose a microarchitectural end-to-end attack
methodology on generic lattice-based post-quantum key encapsulation mechanisms
to recover the long-term secret key. Our attack targets a critical component of
a Fujisaki-Okamoto transform that is used in the construction of almost all
lattice-based key encapsulation mechanisms. We demonstrate our attack model on
practical schemes such as Kyber and Saber by using Rowhammer. We show that our
attack is highly practical and imposes little preconditions on the attacker to
succeed. As an additional contribution, we propose an improved version of the
plaintext checking oracle, which is used by almost all physical attack
strategies on lattice-based key-encapsulation mechanisms. Our improvement
reduces the number of queries to the plaintext checking oracle by as much as
$39\%$ for Saber and approximately $23\%$ for Kyber768. This can be of
independent interest and can also be used to reduce the complexity of other
attacks.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要