Classroom Contents
LadderLeak
- 1 Intro
- 2 ECDSA and Schnorr Signatures
- 3 Risk of Biased/Leaky Randomness
- 4 Randomness Failure in the Real World
- 5 Contributions
- 6 ECDSA signing
- 7 Side channel attacks in scalar multiplication
- 8 Experimental setup
- 9 Cache-timing attacks on prime curves
- 10 Cache-timing attacks on binary curves
- 11 Software countermeasures
- 12 Main takeaways
- 13 The problem we tackle: 1-bit of nonce leakage
- 14 The problem we tackle: less than 1-bit of nonce leakage
- 15 How to attack the HNP
- 16 New attack records for the HNP!
- 17 The Fourier analysis-based attack?
- 18 Bleichenbacher's Attack High-level Overview
- 19 Step 1. Bias Function (Essentially DFT)
- 20 Handy Form of the Bias Function
- 21 Modeling Erroneous Input
- 22 Step 2. Detecting the Bias Peak (Naive Approach)
- 23 Problem: Naive Approach is inefficient!
- 24 Solution: Collision Search to Broaden the Peak
- 25 Collision Search Problem in Bleichenbacher's Framework
- 26 K-list Sum Algorithm for GBP (e.g., X = 4)
- 27 Applying Howgrave-Graham and Joux's K-list Sum Algorithm
- 28 Unified Time Memory Data Tradeoffs
- 29 Tradeoff Graphs for 1-bit Bias
- 30 Experimental Results on Full Key Recovery
- 31 Conclusion