Differential Power Analysis of a McEliece Cryptosystem

  • Cong Chen
  • Thomas Eisenbarth
  • Ingo von Maurich
  • Rainer Steinwandt
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9092)

Abstract

This work presents the first differential power analysis of an implementation of the McEliece cryptosystem. The target of this side-channel attack is a state-of-the-art FPGA implementation of the efficient QC-MDPC McEliece decryption operation as presented at DATE 2014. The presented cryptanalysis succeeds in recovering the complete secret key after a few observed decryptions. It consists of a differential leakage analysis during the syndrome computation, followed by an algebraic step that exploits the relation between the public and private key.

Keywords

Differential power analysis, McEliece cryptosystem, QC-MDPC codes, FPGA

Notes

Acknowledgments

This work is supported by the National Science Foundation under Grant CNS-1261399 and Grant CNS-1314770. IvM is supported by the European Union H2020 PQCrypto project (Grant no. 645622) and the German Research Foundation (DFG). RS is supported by NATO’s Public Diplomacy Division in the framework of “Science for Peace”, Project MD.SFPP 984520.

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Cong Chen (1)
  • Thomas Eisenbarth (1)
  • Ingo von Maurich (2)
  • Rainer Steinwandt (3)
  1. Worcester Polytechnic Institute, Worcester, USA
  2. Ruhr-Universität Bochum, Bochum, Germany
  3. Florida Atlantic University, Boca Raton, USA