Cache Attack on BLISS Lattice-Based Signature Scheme

Slide Note
Embed
Share

Public-key cryptography, including the BLISS lattice-based signature scheme, is pervasive in digital security, from code signing to online communication. The looming threat of scalable quantum computers has led to the development of post-quantum cryptography, such as lattice-based cryptography, which offers promising solutions with solid security arguments and efficient constructions. However, side-channel attacks, like cache access patterns, pose a risk, highlighting the need for further research in this evolving field.

erigg
erigg Follow

Uploaded on Sep 24, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Flush, Gauss, and Reload A Cache Attack on the BLISS Lattice-Based Signature Scheme Leon Groot Bruinderink, Andreas H lsing, Tanja Lange, Yuval Yarom Peaks in Dutch Cyber Security Research

  2. Flush, Gauss, and Reload A Cache Attack on the BLISS Lattice- Based Signature Scheme Leon Groot Bruinderink (TU/e), Andreas H lsing (TU/e), Tanja Lange (TU/e), Yuval Yarom (University of Adelaide & NICTA)

  3. (Public-key) cryptography is ubiquitous Code signing (Signatures) Software updates Software distribution Mobile code Communication security (Signatures, PKE / KEX) TLS, SSH, IPSec, ... eCommerce, online banking, eGovernment, ... Private online communication 3

  4. The quantum threat Scalable quantum-computers can efficiently break today s public-key cryptography Predictions for first QC range from 20 years to never Risc assessment 4

  5. Post-quantum cryptography Cryptography conjectured to withstand attacks with (scalable) quantum computers Different areas: Hash-based, code-based, multivariate, isogeny-based and lattice-based cryptography Transition in US planned within next 10 years (NSA & NIST)

  6. Lattice-based cryptography Based on problems from lattice theory: (approximate) shortest vector problem / closest vector problem Post-quantum candidate Efficient constructions for signatures and key- exchange are known Solid formal security arguments Fast implementations First field tests by Google

  7. Side-channels Implementations might leak secret information through timing, cache-access patterns, electro-magnetic radiation, power consumption... Not covered by standard security models. 7

  8. Discrete Gaussians Basic building block in lattice-based cryptography. Used to hide secret. Unknown how to implement efficiently in constant time. (But also unknown how to exploit) 8

  9. BLISS (Ducas, Durmus, Lepoint, Lyubashevsky, CRYPTO 2013) Bimodal lattice signature scheme Most advanced lattice-based signature scheme Open-source implementation in StrongSwan library. 9

  10. BLISS signature Random bit ??? = ?, ? , ? = ?(???|| ); ? = ? + 1?? ? Discrete Gaussian vector Secret key 10

  11. Challenges Found side-channels only leak partial information about ? Information is noisy Only one trace per ? 11

  12. Results Side-channel attack on BLISS (full break). Practical cache attack on both samplers implemented by designers. First algorithm to un-hide secret key given side- channel information for Gaussian noise. Can compute secret key after < 5000 signatures. 12

  13. Paper in proceedings of CHES 2016 Full version available at IACR eprint archive http://eprint.iacr.org/2016/300 Thank you! Questions? 13

Related


Understanding Signature Schemes in Cryptography

Understanding Signature Schemes in Cryptography

eid_sby
Understanding Cache Memory Designs: Set vs Fully Associative Cache

Understanding Cache Memory Designs: Set vs Fully Associative Cache

rit_m
Understanding Cache Memory Organization in Computer Systems

Understanding Cache Memory Organization in Computer Systems

pcre
Adaptive Insertion Policies for High-Performance Caching

Adaptive Insertion Policies for High-Performance Caching

brinnle
Understanding Cache Memory in Computer Architecture

Understanding Cache Memory in Computer Architecture

aiko
Architecting DRAM Caches for Low Latency and High Bandwidth

Architecting DRAM Caches for Low Latency and High Bandwidth

fpiro
Defending Against Cache-Based Side-Channel Attacks

Defending Against Cache-Based Side-Channel Attacks

eath_634
Understanding Signatures, Commitments, and Zero-Knowledge in Lattice Problems

Understanding Signatures, Commitments, and Zero-Knowledge in Lattice Problems

rore830
Signature-Based IDS Schemes for Heavy Vehicles

Signature-Based IDS Schemes for Heavy Vehicles

grer400
Understanding Ionic Bonding and Lattice Energy

Understanding Ionic Bonding and Lattice Energy

elianna
Understanding Cache and Virtual Memory in Computer Systems

Understanding Cache and Virtual Memory in Computer Systems

katy
GPU Scheduling Strategies: Maximizing Performance with Cache-Conscious Wavefront Scheduling

GPU Scheduling Strategies: Maximizing Performance with Cache-Conscious Wavefront Scheduling

aila
Amoeba Cache: Adaptive Blocks for Memory Hierarchy Optimization

Amoeba Cache: Adaptive Blocks for Memory Hierarchy Optimization

stavros_s
Mitigating Conflict-Based Attacks in Modern Systems

Mitigating Conflict-Based Attacks in Modern Systems

urquidi_m
Overview of Indian Oil Corporation Limited Employee Benefits Scheme

Overview of Indian Oil Corporation Limited Employee Benefits Scheme

salsbury_h
Empowering Open Source Development at Bliss Labs & OS

Empowering Open Source Development at Bliss Labs & OS

leja
Understanding Lattice Constants in Materials Using DFT Calculations

Understanding Lattice Constants in Materials Using DFT Calculations

argus
Dynamic Aperture Study for Ion Ring Lattice Optimization

Dynamic Aperture Study for Ion Ring Lattice Optimization

aleisahe
Fast High-Dimensional Filtering and Inference in Fully-Connected CRF

Fast High-Dimensional Filtering and Inference in Fully-Connected CRF

sclau
Understanding Shared Memory Architectures and Cache Coherence

Understanding Shared Memory Architectures and Cache Coherence

itzel
Understanding Shared Memory Architectures and Cache Coherence

Understanding Shared Memory Architectures and Cache Coherence

henri
Comprehensive Guide to Volunteer Management Information System (VMIS) at Fort Bliss Army Volunteer Corps

Comprehensive Guide to Volunteer Management Information System (VMIS) at Fort Bliss Army Volunteer Corps

bra_da
Experience Your Own Special Place of Bliss with Dr. Patrick McCarthy

Experience Your Own Special Place of Bliss with Dr. Patrick McCarthy

ham_hou
Efficient Handling of Cache Miss Rate in FPGAs

Efficient Handling of Cache Miss Rate in FPGAs

favi_82

More Related Content

First Nations Attack on Fort Michilimackinac 1763: Causes, Tribes, and Aftermath
First Nations Attack on Fort Michilimackinac 1763: Causes, Tribes, and Aftermath
Duane Wolf Attack Simulation Study: Insights for Law Enforcement Officers
Duane Wolf Attack Simulation Study: Insights for Law Enforcement Officers
Evolution of Accident Compensation Scheme in New Zealand
Evolution of Accident Compensation Scheme in New Zealand
Understanding the Firefighters Pension Scheme 2015
Understanding the Firefighters Pension Scheme 2015
Performance of Post-Quantum Signatures: Analysis and Comparison
Performance of Post-Quantum Signatures: Analysis and Comparison
Considerations on Inter-PPDU Based Preemption Scheme in IEEE 802.11-23
Considerations on Inter-PPDU Based Preemption Scheme in IEEE 802.11-23
Compact Ring Signatures from LWE - CRYPTO 2021 Research
Compact Ring Signatures from LWE - CRYPTO 2021 Research
Understanding Trapdoor Sampling in Lattice-Based Cryptography
Understanding Trapdoor Sampling in Lattice-Based Cryptography
Technical Presentation on PM-AJAY Scheme by NIC, GOI
Technical Presentation on PM-AJAY Scheme by NIC, GOI
Comprehensive Overview of PM AJAY Scheme Components
Comprehensive Overview of PM AJAY Scheme Components
Overview of Tamil Nadu Mid Day Meal Scheme
Overview of Tamil Nadu Mid Day Meal Scheme
National Health Protection Scheme Overview
National Health Protection Scheme Overview
Export Facilitation Scheme 2021: Enhancing Trade Opportunities for Small and Medium Exporters
Export Facilitation Scheme 2021: Enhancing Trade Opportunities for Small and Medium Exporters
Design Considerations for CEPC Double Ring Scheme
Design Considerations for CEPC Double Ring Scheme
Efficient Key Recovery Attack on SIDH
Efficient Key Recovery Attack on SIDH
Understanding Blending Attacks on Mixes by Meng Tang
Understanding Blending Attacks on Mixes by Meng Tang
Volleyball Referee Hand Signals for Common Violations
Volleyball Referee Hand Signals for Common Violations
Understanding Antigen-Antibody Precipitation Reaction in Microbiology
Understanding Antigen-Antibody Precipitation Reaction in Microbiology
Understanding Zero Field Splitting in ESR Spectroscopy
Understanding Zero Field Splitting in ESR Spectroscopy
Exploration of Poetry Forms: Cicada, Lattice Lichens, Lyric Ode, and Poetic Analysis
Exploration of Poetry Forms: Cicada, Lattice Lichens, Lyric Ode, and Poetic Analysis
Understanding Crystal Structures: Unit Cell Definition and Wigner-Seitz Method
Understanding Crystal Structures: Unit Cell Definition and Wigner-Seitz Method
Understanding Crystal Lattice Planes and Indices
Understanding Crystal Lattice Planes and Indices
Examples of Web Lattice Design and Simulation Tools
Examples of Web Lattice Design and Simulation Tools
Exploring Non-equilibrium Phenomena in Correlated Materials with Ultrafast Electron Probes
Exploring Non-equilibrium Phenomena in Correlated Materials with Ultrafast Electron Probes