Free trial

Differential power analysis on SIKE – part 2

In this blog, we talk about a power analysis attack on SIKE in a semi-static setting.

Side channel attack

Eventually, post-quantum cryptography will be implemented on a physical device and so it will be subjected to the same physical attacks as current cryptography. Side-channel attacks recover secret values from a device by focusing on the extra information unintentionally leaked by the physical implementation. To mount a side-channel attack, first the attacker measures physical variables, such as the timing of certain operations, or power measurements, and then analyzes such measurements to deduce secret values. These types of attack are typically non-invasive.

In this Blog post, we will focus only on power analyses on SIKE. The goal is to exploit the correlation between the processed information and the power consumption of the device. A simple power analysis deduces the information directly from the power measurement.

An example of such an analysis is the recovery of an RSA private key by analyzing the square-and-multiply implementation of the decryption procedure. In this case, the private key is directly recovered only by looking at the power measurement, as a bit set to ‘1’ produces a different pattern in the power consumption than a bit unset (bit equals to ‘0’).

Simple power analysis attacks can be prevented by making sure that all bits of a private key produce identical patterns of power consumptions. However, this does not protect from more powerful techniques, such as Differential Power Analysis (DPA) which statistically assesses values of secret keys by exploiting the link between power consumption and processed information. The two steps of a DPA are the following:

  • Data Collection: The attacker finds a suitable operation that takes several known inputs and one piece of secret information and collects one or more traces of power consumption (known as power traces) corresponding to the execution of such operation.
  • Data Analysis: The attacker tries to find a correlation between the energy consumption and the outputs of the operation, by making a guess on the unknown secret information.

DPA on SIKE

SIKE is a key encapsulation protocol using isogeny. Remember the blog on “SIKE and Side Channel Attacks”, to be able to compute his secret isogeny, Bob needs to calculate his secret point PB = P3 + [sk3]Q3. This operation is called the three-point ladder.

The operation “three-point ladder” is used on each phase of the protocol. The inputs are a part of Alice’s ciphertext (P’B, Q’B) and a Bob’s private key sk3. The computation of P’B + [sk3]Q’B is the following:

Three Point Ladder protocol

The function Ladder3pt takes as input the Bob’s secret key skB in a string bit m, the three points P, Q, Q-P which are part of Alice’s public key and return the point P + mQ.

We can observe that, in line 5 and 7 of the algorithm Ladder3pt, the function is the same but with different inputs. The operation xDBLADD takes as input three points (A,B,C) of an elliptic curve and return (2A, A+B). The goal of the DPA is to differential which of the two operations is used in each iteration of the loops. Indeed, guessing which operation occurred in one iteration gives one bit of the secret key.

DPA on a semi-static setting SIKE

Semi-static setting is not a setting invented for this attack, but it is used every day like the protocol: TLS.

In a semi-static setting, Bob generates one pair of keys (pk3, sk3), and Alice, for each communication, generates a new pair of keys. We will concentrate to recover only the first bit of Bob’s secret key. To recover the other, the attack is the same. Indeed, once the first bit is known, we can upgrade the values of the points and do the exact same thing to recover the second bit and so on.

The attacker does the next steps:

  • For each communication, he measures the power consumption of the first iteration of the three points ladder and intersects the communication between Alice and Bob (to know Alice’s public key).
  • For each communication, he can compute, in his own computer, the two possibilities (line 5 and 7).
  • He correlates the two different results independently with the power traces and looks which of the two has the biggest correlation (in absolute value) which gives the right guess for the bit.

The graph shows the difference of correlation between a good guess (in green) and a wrong guess (in red). We use the fact that the energy consumption is related to the update of the memory registers. The update will be different depending on which line (5 or 7 of the algorithm 1) we used.

Using the same principle, we could make an attack on one trace (i.e., in an ephemeral setting). For more information about this attack and the possible countermeasures, go to the following paper Full key recovery side-channel attack on ephemeral SIKE by A. Genet, N. Kaluderovic and N. Linard.

About CYSEC LAB

CYSEC LAB is a security evaluation lab performing research of front-edge technologies. The team, made of embedded engineers, security researchers and cryptographers, has the complementary skills that allows CYSEC to engineer and develop home made test benches with high performance.

For more information, please visit: www.cysec.com/lab/

 

Media Contact

Alexandre Karlov

alexandre.karlov@cysec.com

Latest Industry News

Securing the ever-evolving healthcare field – A CYSEC & Implicity Partnership
In the ever-evolving healthcare field, the ability to collect and anal...Read more >
i2CAT and CYSEC join forces to advance IoT security within COGNIFOG Project
i2CAT and CYSEC are thrilled to announce their collaboration within th...Read more >
Securing fleets of Container-based Edge Computing Devices
The deployment of a distributed system such as edge computing can be e...Read more >
Thuraya signs agreement with CYSEC
Thuraya Telecommunications Company (Thuraya), the mobile satellite ser...Read more >
CYSEC & TIESSE : Strategic partnership for satellite links security
CYSEC and Tiesse SpA have established a strategic industrial partnersh...Read more >
Performance benchmark made within the SYNAPSE project
The impact that the security provided by ARCA Trusted OS, CYSEC’s ha...Read more >
Qualification of the ARCA SATCOM solution
As part of studies conducted at CNES, CYSEC qualified its ARCA SATCOM ...Read more >
Securing Edge Devices: The Crucial Role of Root of Trust in a Connected World
In the rapidly evolving landscape of IoT (Internet of Things) and edge...Read more >
ARCAOS x86 compatibility with VM environments
CYSEC aims at offering the capacity to launch VMs running in Confident...Read more >
The SYNAPSE PROJECT
A snapshot of the collaborative SYNAPSE project between CYSEC and Look...Read more >
CYSEC design choices and security maintenance processes
Sovereign cloud is emerging as a preferred choice for many organizatio...Read more >
Unlocking the Potential of Remote Attestation: The Future of Trust and Security in a Connected World
The increasing prevalence of network-connected devices and the rise of...Read more >
Protect your sovereign cloud with CYSEC solutions
Sovereign cloud is emerging as a preferred choice for many organizatio...Read more >
A technical deep dive in the secure boot of ARCA Trusted OS for Raspberry Pi 4B
ARCA Trusted OS is an Operating System (OS) that can run on Raspberry ...Read more >
ESA PUSH
Within the PROGRAMME FOR USERBASE ENHANCEMENT (PUSH), ESA selected com...Read more >
Attested VM launch protocol : The result of CYSEC
CYSEC explored the attestation mechanisms offered by two different CPU...Read more >
ARCA SATLINK successfully tested in space
As part of a project for the European Space Agency - ESA our engineeri...Read more >
Linebreak and CYSEC join forces to securely unlock data in enterprise edge computing
enterprises need confidence when running their sensitive workloads in ...Read more >
ARCAOS x86 on mini-servers
CYSEC continues its edge computing strategy expansion by qualifying tw...Read more >
USE CASE MIDEYE – CYSEC
Mideye and CYSEC have decided to work together to deliver a simple and...Read more >
SixSq and CYSEC – A secure end to end edge computing solution
SixSq, an Ekinops company, and CYSEC are thrilled to announce their pa...Read more >
ARCAOS x86 compatibility on AWS
ARCA Trusted OS for x86 can now be deployed into AWS EC2 instances as ...Read more >
PostFinance and CYSEC
PostFinance, the fifth largest retail financial institution in Switzer...Read more >
Crosscon Project – Enhancing Security in Agricultural UAVs: The Power of Remote Attestation
One of the challenges faced by UAVs is their mobility and the potentia...Read more >
Leveraging ChatGPT at the edge on a Raspberry Pi protected by Arca Trusted OS
In this use-case, ARCA Trusted OS protects the data stored on the Rasp...Read more >
A Trusted Environment at the Edge to Run AI Applications
With the adoption of AI at the edge, companies will expand their busin...Read more >
CYSAT
CYSEC has been organizing CYSAT, the biggest European event entirely d...Read more >
Secure your Raspberry Pi for industrial grade usage with ARCA Trusted OS
CYSEC is pleased to announce its new born ARCA Trusted OS for ARM spec...Read more >
World’s first in-orbit cybersecurity demonstration at CYSAT
First offensive security demo on a flying satellite at CYSAT - In orde...Read more >
Trusted and Secure Stream Analytics for Industrial IoT
Crosser, creator of a market leading low-code platform for stream anal...Read more >
What are the NIST SP 800-190 countermeasures in ARCA Trusted OS?
In addition to these recommendations specific to the host OS, ARCA Tru...Read more >
CYSEC AND SIGHUP PARTNER UP
SIGHUP is partnering with Cysec to provide a secure kubernetes-based c...Read more >
Cysec and Ingram Micro new partnership
Ingram Micro Italy, a global leader in Technology and Supply Chain Ser...Read more >
Cysec and Syntheticus team up
“Cysec and Syntheticus team up to offer a solution enabling the migr...Read more >
SECURED FLEET OF DRONES
The drones industry is getting a lot of success in many verticals such...Read more >
CYSEC raises 2 million CHF with KARISTA’S Newspace Fund
CYSEC announces it has raised an additional €2m from Karista. The bu...Read more >
How Cysec helps you leverage confidential VMs in public clouds
Based on the Confidential Computing Consortium, Confidential Computing...Read more >
For automated, scalable, and secure edge computing environments
LAUSANNE, SWITZERLAND. and STOCKHOLM, SWEDEN. Cysec, a software provid...Read more >
How to migrate your sensitive data to public clouds?
There is a clear trend to migrate data from organizations and companie...Read more >
Web3 and Secure Computing: Cysec case Study
Web3 refers to the next Internet generation, one that leverages public...Read more >
CYSEC featured on cybernews!
Cysec has been mentioned, by the experts of cybernews.com, as one of t...Read more >
Kata Containers: Cysec case Study
Cysec offers to run its orchestration platform with several runtimes s...Read more >
Spacebel and CYSEC team up on a contract with the European Space Agency (ESA)
The European Space Agency (ESA) awarded a contract to Spacebel (Prime ...Read more >
“Because of geopolitical and economical pressures, company data protection is essential”
A talk with the CEO and Co-Founder of CYSECRead more >
Announcing Nicolas Chaillan and Octave Klaba as keynote speakers at CYSAT
The full event agenda is liveRead more >
New Space Economy MOOC
An online course on the challenges of commercial space missions.Read more >
Kata Containers: the ultimate workloads isolation
Introducing Kata Containers supportRead more >
Cybersecurity for Enterprise Blockchain Solutions
Blueprint paper - Crypto ValleyRead more >
Cosimo Calcagno joins Board of Directors
New member of the Board of Directors and investor.Read more >
Securely embrace the public cloud
Innovate faster, with security built in every step of the way.Read more >
Embedded KMS for IoT applications : the SEGWAY project
Filling the security gaps in cloud-edge integration.Read more >
CYSEC raises 4 million CHF in seed extension round
A funding to further its growth in digital assets and edge computing.Read more >
Protecting data: glossary of an industry
Every industry has its own vocabulary and cybersecurity is no exceptio...Read more >
Why cybersecurity is too important to get lost in space
As the race to space takes flight, ARCA is ready for launch. Read more >
2021 in review
Wrapping up yet another special year, but with great achievements.Read more >
Hack CYSAT: Europe’s first satellite hack
Calling for ethical hackers to hack a flying satellite.Read more >
Protecting health data on public cloud with HOSTEUR & CYSEC
Improving the cryptographic key exchange protocol to ensure end-to-end...Read more >
What is confidential computing?
The new kid on the security blockRead more >
CYSEC wins European Space Agency contract to protect governmental data
Improving the cryptographic key exchange protocol to ensure end-to-end...Read more >
Confidential computing with CYSEC ARCA & AMD-SEV [WHITEPAPER]
Whitepaper on how CYSEC ARCA leverage AMD-SEV Read more >
Differential power analysis on SIKE – part 2
Power analysis attack on SIKE in a semi-static setting Read more >
Differential power analysis on SIKE – part 1
An introduction to isogeny-based cryptography Read more >
CYSEC partners with D-Orbit
Fly end-to-end cybersecurity for commercial space missionsRead more >
CYSEC partners with armasuisse Cyber Defence Campus
Protecting the data broadcasted by satellite internet providers Read more >
Triton Malware Attack
Attack targeting Industrial Control System (ICS) Read more >
CYSEC introduces CYSEC LAB
A security evaluation lab Read more >
CYSEC SA introduces CYSEC ARCA Trusted OS
Secure Sensitive Data and Open the Door to CollaborationRead more >
Eureka program support granted for DiCoQuaNet project
A Distributed Computing over a Quantum-Secure NetworkRead more >
Happy Three-Year Anniversary to CYSEC!
Celebrating three amazing years Read more >
CYSEC joins the GAIA-X Space initiative
The next generation of Europe’s data infrastructureRead more >
Researchers and satellite start-ups meet
Discussing celestial cybersecurityRead more >
Il est trop facile de pirater un satellite et ça menace Internet
Cybersecurity in space and its importanceRead more >
La cybersécurité aussi dans lʹespace
Patrick Trinkler talking about the importance of cybersecurityRead more >
CYSAT’21 – kicking-off March 17TH
Cybersecurity for commercial spaceRead more >
Security for Commercial Space: CYSAT’21 Pioneers Cyber Security Solutions
CYSAT’21 Pioneers Cyber Security SolutionsRead more >
CYSEC – As Seen in BILANZ
CYSEC's journey to a secure operating systemRead more >
CYSEC listed in the CV VC Top 50 report
Listed for the second time in a rowRead more >
Cybersecurity for smallsats
Five security concepts for smallsat operators to followRead more >
The European Champions Alliance partners up with CYSEC & AP-Swiss
CYSAT'21: event dedicated to cyber risks in SpaceRead more >
Patrick Nicolet Joins Board of Directors
Former Capgemini CTO, a new strategic entry Read more >
CYSEC wins Swiss Space Office contract
For a secure in-orbit satellite reconfigurationRead more >
CYSEC and AP-Swiss organize CYSAT’21
The first European event on cybersecurity in spaceRead more >
Run Your Applications On Secure Enclaves
CYSEC partners with Kyos and joins a recognised networkRead more >
Let’s not make Newspace a paradise for hackers
Cyber threats in space and their consequencesRead more >
CYSEC selected for Tech4Trust acceleration program
Most innovative startups of the Lake Geneva regionRead more >
Pryv and CYSEC launch an integrated solution
The personal data & consent management secured middlewareRead more >
CYSEC at Forum EPFL
Startup day at SwissTech Convention CenterRead more >
CYSEC listed in the CV VC Top 50 report
Top 50 organizations in the Blockchain Technology sectorRead more >
SwissPKI Now Available On CYSEC ARCA
LibC Technologies and CYSEC launch a secured SwissPKI Read more >
CYSEC voted Best Security Startup
Ranking #62 in TOP100 Swiss Startup Award 2020Read more >
CYSEC partners up with Leaf Space
Offering end-to-end protection for satellitesRead more >
Confidential Edge Computing For IoT Security
Discover confidential edge computingRead more >
CYSEC SA raises 500’000 Swiss francs from FIT
CYSEC rewarded for its cybersecurity innovative solutionRead more >
CYSEC SA welcomes Howard Yu to its Advisory Board
Director of IMD’s Advanced Management Program Read more >
The Things Industries partners with CYSEC
For a secure on-premises LoRaWAN network deploymentRead more >
CYSEC wins European Space Agency contract
Protect ship tracking communications from cyber threatsRead more >
Next generation security platform
Safeguard critical applications and sensitive digital assetsRead more >
CYSEC joins the LoRa Alliance
Foster cybersecurity adoption in IoTRead more >
CYSEC SA welcomes Pascal Junod to its Advisory Board
Expert in applied cryptography and software protectionRead more >
Cloud Constellation Corporation partners with CYSEC
To deliver enterprise-ready Global Private Cloud ServicesRead more >
CYSEC partners with Build38
Facilitate secure deployment of Mobile App and Fraud ProtectionRead more >
CYSEC secures the smart heaters of Lancey Energy Storage
Protecting IoT ecosystems with CYSEC ARCARead more >
CYSEC to secure Astrocast global IoT network
End-to-end security of IoT Communication of 80 nanosatellitesRead more >
CYSEC wins CSO 2019 AWARD
Innovation in cybersecurity of the yearRead more >
Global Challenge Winner 2019
Winner of the ITU Innovations challengesRead more >
Insight SiP and CYSEC SA awarded Eurostars grant
Secure communications solution for medical IoT devicesRead more >
Singapore festival
Swiss fintechs to showcase innovative solutionsRead more >
CYSEC at Deftech, November 2019
Discussing the Swiss ecosystem for defense innovationRead more >
Come and meet us in October at Forum EPFL
Start Up DayRead more >
CYSEC selected by IMD in startup competition
IMD offers support to promising Swiss startups Read more >
New Solution For Secure Digital Asset Management
Swiss-made crypto asset management ecosystemRead more >
CYSEC selected to take part in ESA’s Business Incubation Programme
Program dedicated to startups innovating in spaceRead more >
REGDATA SA & CYSEC SA announce strategic alliance
Setting secure foundation and use of applicationsRead more >
Sysmosoft SA & CYSEC SA announce strategic alliance
Setting secure foundations of cryptographic technologiesRead more >
GEOSATIS and CYSEC announce technological partnership
For secure deployment and operation of IoT solution Read more >
CYSEC raises 1.5 million Swiss francs
To accelerate the deployment of innovative data security solutionsRead more >
CYSEC receives a FIT seed loan of CHF 100’000
To finalise product development and perform market validationRead more >
Swiss Fintech startups in NY
CYSEC selected to showcase ARCA in Venture Leaders roadshowRead more >