Full Program
Summary:
This work investigates the application of a side-channel attack from Ravi et al. against a post-quantum Key Encapsulation Mechanism, namely FrodoKEM. Specifically, the attack targets the secret message used by the primitive during the decapsulation by injecting biases in the ciphertext, and studying the evolution of the secret message through the side-channel recovery of its hamming weight.Compared to the seminal work on the attack (from Ravi et al., on different primitives), we propose two new strategies in the choice of the biases: adaptive and brute-force. This leads to more efficient attacks on the various security levels of FrodoKEM.
A discussion on the efficiency of generic side-channel countermeasures (e.g. masking, blinding, shuffling) against this attack on FrodoKEM is also provided.
Author(s):
Pierre-Augustin Berthet
France