Cryptology ePrint Archive: Report 2017/379

Fault attack on Supersingular Isogeny Cryptosystems

Yan Bo Ti

Abstract: We present the first fault attack on cryptosystems based on supersingular isogenies. During the computation of the auxiliary points, the attack aims to change the base point to a random point on the curve via a fault injection. We will show that this would reveal the secret isogeny with one successful perturbation with high probability. We will exhibit the attack by placing it against signature schemes and key-exchange protocols with validations in place. Our paper therefore demonstrates the need to incorporate checks in implementations of the cryptosystem.

Category / Keywords: public-key cryptography / supersingular, isogeny, fault attacks

Original Publication (with minor differences): PQCrypto 2017

Date: received 28 Apr 2017, last revised 8 May 2017

Contact author: yanbo ti at gmail com

Available format(s): PDF | BibTeX Citation

Note: Made a minor correction in the introduction.

Version: 20170508:223654 (All versions of this report)

Short URL: ia.cr/2017/379

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]