Paper 2019/909
A Practicable Timing Attack Against HQC and its Countermeasure
Guillaume Wafo-Tapa and Slim Bettaieb and Loic Bidoux and Philippe Gaborit
Abstract
In this paper, we present a practicable chosen ciphertext timing attack retrieving the secret key of HQC. The attack exploits a correlation between the weight of the error to be decoded and the running time of the decoding algorithm of BCH codes. For the 128-bit security parameters of HQC, the attack runs in less than a minute on a desktop computer using 5441 decoding requests and has a success probability of approximately 93 percent. To prevent this attack, we propose a constant time algorithm for the decoding of BCH codes. Our implementation of the countermeasure achieves a constant time execution of the decoding process without a significant performance penalty.
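The abstract states the mechanism without showing it: in a BCH decoder, the degree of the error-locator polynomial equals the number of errors actually present, so any step whose work scales with that degree (root finding, evaluation) runs longer for heavier errors, and a chosen-ciphertext attacker who controls the error weight can read it off the decoding time. The toy below is an added example, not code from the paper, from HQC, or from its reference implementation; it models that leak and the shape of the fix with a Chien-style root search over GF(2^4) (code length 15, an assumed design capability of t = 3 errors). Field-multiplication count is used as the timing proxy, and the leaky variant deliberately does weight-dependent work (Horner over the true degree) while the fixed variant always evaluates a polynomial zero-padded to degree t and selects results with masks instead of branches. The function names, the choice of field and t, and the error positions used for the comparison are all assumptions of this example, and the paper's own constant-time decoding algorithm is not reproduced here.

```python
"""Toy model of weight-dependent BCH root finding (leaky) versus a fixed-cost version.

Added example; not the paper's or HQC's code. The leak is modelled as work proportional
to deg(sigma) = number of errors, and cost is measured in field multiplications.
"""

M = 4                 # field GF(2^M), so the toy code length is n = 2^M - 1 = 15
N = (1 << M) - 1
PRIM_POLY = 0b10011   # x^4 + x + 1, primitive over GF(2)
T = 3                 # assumed design error-correction capability of the toy code

MUL_COUNT = 0         # field multiplications performed; the example's timing proxy


def gf_mul(a, b):
    """Branch-free multiply in GF(2^M): shift-and-add with mask-selected reduction."""
    global MUL_COUNT
    MUL_COUNT += 1
    r = 0
    for _ in range(M):
        r ^= a & -(b & 1)                   # add a when the low bit of b is set
        b >>= 1
        carry = -((a >> (M - 1)) & 1)       # all-ones mask if a's top bit is set
        a = ((a << 1) ^ (PRIM_POLY & carry)) & N
    return r


# alpha = 2 (the class of x) is primitive; ALPHA_POW[i] = alpha^i for 0 <= i < N.
# This table is public (it depends only on the field), so indexing it by the loop counter
# below is not a secret-dependent access.
ALPHA_POW = [1]
for _ in range(1, N):
    ALPHA_POW.append(gf_mul(ALPHA_POW[-1], 2))
MUL_COUNT = 0  # table setup is not part of a decoding


def locator_poly(positions):
    """sigma(x) = prod (1 + alpha^i x) over the error positions, low degree first.

    A real decoder derives sigma from the syndromes (Berlekamp-Massey); here it is built
    straight from chosen positions so the two search routines can be compared."""
    sigma = [1]
    for i in positions:
        a = ALPHA_POW[i]
        new = sigma + [0]
        for k, c in enumerate(sigma):
            new[k + 1] ^= gf_mul(c, a)
        sigma = new
    return sigma


def horner(poly, x):
    """Evaluate poly at x; costs exactly len(poly) multiplications."""
    acc = 0
    for c in reversed(poly):
        acc = gf_mul(acc, x) ^ c
    return acc


def is_zero_mask(v):
    """1 if the M-bit value v is 0, else 0, computed without a branch."""
    return ((v - 1) >> M) & 1


def chien_leaky(sigma):
    """Variable-time root search: n * (deg(sigma) + 1) multiplications, and deg(sigma)
    equals the number of errors, so the cost reveals the error weight."""
    flags = [0] * N
    for j in range(N):
        if horner(sigma, ALPHA_POW[(N - j) % N]) == 0:   # sigma(alpha^-j) == 0 ?
            flags[j] = 1
    return flags


def chien_constant(sigma):
    """Fixed-cost root search: sigma is zero-padded to degree T, every position gets the
    same number of multiplications, and the result is selected by mask, not branch."""
    padded = sigma + [0] * (T + 1 - len(sigma))
    flags = [0] * N
    for j in range(N):
        flags[j] = is_zero_mask(horner(padded, ALPHA_POW[(N - j) % N]))
    return flags


def measure(search, positions):
    """Return (recovered error positions, multiplications spent) for one root search."""
    global MUL_COUNT
    sigma = locator_poly(positions)
    MUL_COUNT = 0
    flags = search(sigma)
    return [j for j, f in enumerate(flags) if f], MUL_COUNT


def cost_profile(search):
    """Cost for error weights 0..T, using the first w of a fixed (constructed) position set."""
    base = [2, 7, 11]
    return [measure(search, base[:w])[1] for w in range(T + 1)]


if __name__ == "__main__":
    print("leaky   :", cost_profile(chien_leaky))      # grows with the error weight
    print("constant:", cost_profile(chien_constant))   # flat across weights
```

Running the block prints a cost profile that rises linearly with the weight for the leaky search and stays flat for the padded one; both recover the same positions. Two caveats carry over to real code: counting multiplications only captures algorithmic leakage, so a production fix must also avoid secret-indexed table lookups and data-dependent branches (the `if` in `chien_leaky` is exactly such a branch), and padding to the maximum degree is only one ingredient of a constant-time BCH decoder, since the syndrome and locator computations need the same treatment.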
Metadata
- Category
- Public-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- HQC, BCH decoding, Timing attack, Constant time implementation
- Contact author(s)
- kyzdra @ yahoo fr,slim bettaieb @ worldline com,loic bidoux @ worldline com,gaborit @ unilim fr
- History
- 2019-09-23: revised
- 2019-08-08: received
- Short URL
- https://ia.cr/2019/909
- License
- CC BY