LadderLeak

LadderLeak

TheIACR via YouTube Direct link

Randomness Failure in the Real World

4 of 31

4 of 31

Randomness Failure in the Real World

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

LadderLeak

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 ECDSA and Schnorr Signatures
  3. 3 Risk of Biased/Leaky Randomness
  4. 4 Randomness Failure in the Real World
  5. 5 Contributions
  6. 6 ECDSA signing
  7. 7 Side channel attacks in scalar multiplication
  8. 8 Experimental setup
  9. 9 Cache-timing attacks on prime curves
  10. 10 Cache-timing attacks on binary curves
  11. 11 Software countermeasures
  12. 12 Main takeaways
  13. 13 The problem we tackle: 1-bit of nonce leakage
  14. 14 The problem we tackle: less than 1-bit of nonce leakage
  15. 15 How to attack the HNP
  16. 16 New attack records for the HNP!
  17. 17 The Fourier analysis-based attack?
  18. 18 Bleichenbacher's Attack High-level Overview
  19. 19 Step 1. Bias Function (Essentially DFT)
  20. 20 Handy Form of the Bias Function
  21. 21 Modeling Erroneous Input
  22. 22 Step 2. Detecting the Bias Peak (Naive Approach)
  23. 23 Problem: Naive Approach is inefficient!
  24. 24 Solution: Collision Search to Broaden the Peak
  25. 25 Collision Search Problem in Bleichenbacher's Framework
  26. 26 K-list Sum Algorithm for GBP (eg, X = 4)
  27. 27 Applying Howgrave-Graham and Joux's K-list Sum Algorithm
  28. 28 Unified Time Memory Data Tradeoffs
  29. 29 Tradeoff Graphs for 1-bit Bias
  30. 30 Experimental Results on Full Key Recovery
  31. 31 Conclusion

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.