Paper 2017/379

Fault attack on Supersingular Isogeny Cryptosystems

Yan Bo Ti

Abstract

We present the first fault attack on cryptosystems based on supersingular isogenies. During the computation of the auxiliary points, the attack aims to change the base point to a random point on the curve via a fault injection. We will show that this would reveal the secret isogeny with one successful perturbation with high probability. We will exhibit the attack by placing it against signature schemes and key-exchange protocols with validations in place. Our paper therefore demonstrates the need to incorporate checks in implementations of the cryptosystem.

Note: Made a minor correction in the introduction.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. PQCrypto 2017
Keywords
supersingular isogeny, fault attacks
Contact author(s)
yanbo ti @ gmail com
History
2017-05-08: revised
2017-05-01: received
Short URL
https://ia.cr/2017/379
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/379,
      author = {Yan Bo Ti},
      title = {Fault attack on Supersingular Isogeny Cryptosystems},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/379},
      year = {2017},
      url = {https://eprint.iacr.org/2017/379}
}