Paper 2020/910
A Power Side-Channel Attack on the CCA2-Secure HQC KEM
Thomas Schamberger, Julian Renner, Georg Sigl, and Antonia Wachter-Zeh
Abstract
The Hamming Quasi-Cyclic (HQC) proposal is a promising candidate in the second round of the NIST Post-Quantum cryptography Standardization project. It features small public key sizes, precise estimation of its decryption failure rates and contrary to most of the code-based systems, its security does not rely on hiding the structure of an error-correcting code. In this paper, we propose the first power side-channel attack on the Key Encapsulation Mechanism (KEM) version of HQC. Our attack utilizes a power side-channel to build an oracle that outputs whether the BCH decoder in HQC's decryption algorithm corrects an error for a chosen ciphertext. Based on the decoding algorithm applied in HQC, it is shown how to design queries such that the output of the oracle allows to retrieve a large part of the secret key. The remaining part of the key can then be determined by an algorithm based on linear algebra. It is shown in experiments that less than 10000 measurements are sufficient to successfully mount the attack on the HQC reference implementation running on an ARM Cortex-M4 microcontroller.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Error CorrectionHQCPost-Quantum CryptographyPower AnalysisSide-Channel Analysis
- Contact author(s)
-
t schamberger @ tum de
julian renner @ tum de - History
- 2020-07-23: received
- Short URL
- https://ia.cr/2020/910
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/910,
author = {Thomas Schamberger and Julian Renner and Georg Sigl and Antonia Wachter-Zeh},
title = {A Power Side-Channel Attack on the {CCA2}-Secure {HQC} {KEM}},
howpublished = {Cryptology {ePrint} Archive, Paper 2020/910},
year = {2020},
url = {https://eprint.iacr.org/2020/910}
}
