Abstract
In this work, we introduce a new timing vulnerability in the decryption operation of the McEliece cryptosystem. Furthermore, we review previously known side channel and fault attacks against the RSA and McEliece cryptosystems and analyze their differences and similarities with respect to the points of attack they exploit. We show that it is essentially the homomorphic properties of these schemes that enable the special type of message-aimed attack based on observing the decryption of manipulated versions of a ciphertext, and we derive a corresponding methodology for analyzing such schemes with respect to these attacks. Consequently, we present new side channel attacks against other public key cryptosystems with homomorphic properties and point out certain aspects that are specific to the countermeasures against this type of attack.
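As an added illustration that is not part of the paper or its code: textbook RSA with toy parameters, showing the multiplicative homomorphism that lets a manipulated ciphertext decrypt to a predictable transformation of the original plaintext, next to an integrity-checked wrapper of the kind CCA conversions use. The key sizes, tag construction and function names are assumptions made for this demo.

```python
import hashlib

# Toy RSA modulus built from two known Mersenne primes (2^61-1 and 2^89-1);
# these are constructed demo parameters, far too small for real use.
P = (1 << 61) - 1
Q = (1 << 89) - 1
TAG_BITS = 64


def rsa_keygen(p=P, q=Q, e=65537):
    """Textbook RSA key pair: no padding, which is exactly what makes it malleable."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))


def rsa_encrypt(pk, x):
    n, e = pk
    return pow(x, e, n)


def rsa_decrypt(sk, c):
    n, d = sk
    return pow(c, d, n)


def blind_ciphertext(pk, c, r):
    """Multiplicative homomorphism: Dec(c * r^e) == m * r (mod n).
    A decryption routine whose timing or error path depends on the plaintext
    therefore reacts to a chosen transformation of m. The McEliece analogue is
    additive: c + e' decodes to the same m as long as the error weight stays <= t."""
    n, e = pk
    return (c * pow(r, e, n)) % n


def _tag(m):
    # Demo redundancy: 64 bits of SHA-256 over the (64-bit) message.
    return int.from_bytes(hashlib.sha256(m.to_bytes(8, "big")).digest()[:8], "big")


def checked_encrypt(pk, m):
    """Plaintext carries redundancy (m || H(m)), the basic shape of a CCA conversion."""
    return rsa_encrypt(pk, (m << TAG_BITS) | _tag(m))


def checked_decrypt(sk, c):
    """Rejects ciphertexts that did not come from checked_encrypt.
    Note (added here, not a claim of the paper): the check runs after the
    private-key operation, so it cannot undo leakage produced by that step itself."""
    x = rsa_decrypt(sk, c)
    m, tag = x >> TAG_BITS, x & ((1 << TAG_BITS) - 1)
    return m if m < (1 << 64) and tag == _tag(m) else None
```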
A part of the work of F. Strenzke was done at Cryptography and Computeralgebra, Department of Computer Science, Technische Universität Darmstadt, Germany.
Strenzke, F. Message-aimed side channel and fault attacks against public key cryptosystems with homomorphic properties. J Cryptogr Eng 1, 283–292 (2011). https://doi.org/10.1007/s13389-011-0020-0