Paper 2022/131

Light the Signal: Optimization of Signal Leakage Attacks against LWE-Based Key Exchange

Yue Qin, China University of Geosciences, Wuhan
Ruoyu Ding, China University of Geosciences, Wuhan
Chi Cheng, China University of Geosciences, Wuhan
Nina Bindel, SandboxAQ
Yanbin Pan, Chinese Academy of Sciences
Jintai Ding, Yanqi Lake Beijing Institute of Mathematical Sciences and Applications, Beijing, China
Abstract

Key exchange protocols from the learning with errors (LWE) problem share many similarities with the Diffie–Hellman–Merkle (DHM) protocol, which plays a central role in securing our Internet. Therefore, there has been a long time effort in designing authenticated key exchange directly from LWE to mirror the advantages of DHM-based protocols. In this paper, we revisit signal leakage attacks and show that the severity of these attacks against LWE-based (authenticated) key exchange is still underestimated. In particular, by converting the problem of launching a signal leakage attack into a coding problem, we can significantly reduce the needed number of queries to reveal the secret key. Specifically, for DXL-KE we reduce the queries from 1,266 to only 29, while for DBS-KE, we need only 748 queries, a great improvement over the previous 1,074,434 queries. Moreover, our new view of signals as binary codes enables recognizing vulnerable schemes more easily. As such we completely recover the secret key of a password-based authenticated key exchange scheme by Dabra et al. with only 757 queries and partially reveal the secret used in a two-factor authentication by Wang et al. with only one query. The experimental evaluation supports our theoretical analysis and demonstrates the efficiency and effectiveness of our attacks. Our results caution against underestimating the power of signal leakage attacks as they are applicable even in settings with a very restricted number of interactions between adversary and victim.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. ESORICS 2022
Keywords
Post-quantum cryptography Key exchange Learning with errors Signal leakage attack
Contact author(s)
chengchizz @ qq com
nina bindel @ sandboxquantum com
History
2022-09-19: last of 2 revisions
2022-02-09: received
See all versions
Short URL
https://ia.cr/2022/131
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/131,
      author = {Yue Qin and Ruoyu Ding and Chi Cheng and Nina Bindel and Yanbin Pan and Jintai Ding},
      title = {Light the Signal: Optimization of Signal Leakage Attacks against {LWE}-Based Key Exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/131},
      year = {2022},
      url = {https://eprint.iacr.org/2022/131}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.