Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Fault Attacks on CCA-Secure Lattice KEMs

TheIACR via YouTube

Overview

Explore fault attacks on CCA-secure lattice-based Key Encapsulation Mechanisms (KEMs) in this 45-minute talk by Peter Pessl at the Workshop on Attacks in Cryptography, held in conjunction with Crypto 2021. Delve into the implementation security of lattice KEMs, focusing on Kyber and Saber. Examine the LPR encryption scheme, Fujisaki-Okamoto transformation, and the process of attacking an FO-KEM. Investigate effective and ineffective faults in the decoder, with a specific look at Kyber's decoding routine. Learn about extracting information through faulting the decoder, gathering inequalities, and solving for the key. Conclude with a discussion on potential countermeasures against these attacks.

Syllabus

Intro
What's that all about?
Status: Implementation Security of Lattice KEM
Kyber, Saber: High-Level Similarities
Our Attack
The LPR Encryption Scheme: Noisy ElGamal
Correctness and Decoding
Fujisaki-Okamoto: CPA PKE
Attacking an FO-KEM
Effective vs. Inflective Faults
(In)Effective Faults in the Decoder
Kyber's Decoding Routine
Faulting the Decoder
Extracting Information
Gathering Inequalities
Solving for the key
Solving Approach
Countermeasures?

Taught by

TheIACR

Reviews

Start your review of Fault Attacks on CCA-Secure Lattice KEMs

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.