Paper 2023/102
Cache-timing attack against HQC
Abstract
In this paper, we present the first chosen-ciphertext (CC) cache-timing attacks on the reference implementation of HQC. We build a cache-timing based distinguisher for implementing a plaintext-checking (PC) oracle. The PC oracle uses side-channel information to check if a given ciphertext decrypts to a given message. This is done by identifying a vulnerability in the generation of two vectors in the reference implementation of HQC. We also propose a new method of using PC oracles for chosen-ciphertext side-channel attacks against HQC, which may be of independent interest. We show a general proof-of-concept attack, where we use the Flush&Reload technique, and also derive, in more detail, a practical attack on an HQC execution on Intel SGX, where the Prime&Probe technique is used. We show the exact path to key recovery by explaining the detailed steps, using the PC oracle. In both scenarios, the new attack requires $53,857$ traces on average, with far fewer PC oracle calls than the timing attack of Guo et al. (CHES 2022) on an HQC implementation.
Metadata
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- Side-channel attacks, Code-based cryptography, NIST PQC standardization, HQC
- Contact author(s)
- senyang huang @ eit lth se; c chuengsatiansup @ unimelb edu au; qian guo @ eit lth se
- History
- 2023-04-14: last of 2 revisions
- 2023-01-27: received
- See all versions
- Short URL
- https://ia.cr/2023/102
- License
- CC BY
BibTeX
@misc{cryptoeprint:2023/102,
  author = {Senyang Huang and Rui Qi Sim and Chitchanok Chuengsatiansup and Qian Guo and Thomas Johansson},
  title = {Cache-timing attack against {HQC}},
  howpublished = {Cryptology {ePrint} Archive, Paper 2023/102},
  year = {2023},
  url = {https://eprint.iacr.org/2023/102}
}