Paper 2019/909

A Practicable Timing Attack Against HQC and its Countermeasure

Guillaume Wafo-Tapa, Slim Bettaieb, Loic Bidoux, Philippe Gaborit, and Etienne Marcatel

Abstract

In this paper, we present a practicable chosen ciphertext timing attack retrieving the secret key of HQC. The attack exploits a correlation between the weight of the error to be decoded and the running time of the decoding algorithm of BCH codes. For the 128-bit security parameters of HQC, the attack runs in less than a minute on a desktop computer using 5441 decoding requests and has a success probability of approximately 93 percent. To prevent this attack, we propose a constant time algorithm for the decoding of BCH codes. Our implementation of the countermeasure achieves a constant time execution of the decoding process without a significant performance penalty.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. Minor revision.
Keywords
HQCBCH decodingTiming attackConstant time implementation.
Contact author(s)
kyzdra @ yahoo fr
slim bettaieb @ worldline com
loic bidoux @ worldline com
gaborit @ unilim fr
etienne marcatel @ atos net
History
2019-09-23: revised
2019-08-08: received
See all versions
Short URL
https://ia.cr/2019/909
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/909,
      author = {Guillaume Wafo-Tapa and Slim Bettaieb and Loic Bidoux and Philippe Gaborit and Etienne Marcatel},
      title = {A Practicable Timing Attack Against HQC and its Countermeasure},
      howpublished = {Cryptology ePrint Archive, Paper 2019/909},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/909}},
      url = {https://eprint.iacr.org/2019/909}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.