Recovering Secrets From Prefix-Dependent Leakage

We discuss how to recover a secret bitstring given partial information obtained during a computation over that string, assuming the computation is a deterministic algorithm processing the secret bits sequentially. That abstract situation models certain types of side-channel attacks against discrete logarithm and RSA-based cryptosystems, where the adversary obtains information not on the secret exponent directly, but instead on the group or ring element that varies at each step of the exponentiation algorithm.
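The setting the abstract describes, as an added, runnable illustration (this is example code written for this page, not code from the paper or its authors): a victim computes g^d mod p with left-to-right square-and-multiply, and the attacker sees not the exponent bits but a leakage function of the accumulator after each bit. Since the accumulator after step i depends only on the prefix d_1..d_i, candidate prefixes are grown one bit at a time and pruned as soon as their simulated intermediate contradicts the observed leakage. The toy parameters (P = 2^31 - 1, generator 7, a 20-bit secret), the two leakage functions (low bits, Hamming weight) and the `recover_exponent`/`demo` helpers are assumptions of this example, not the paper's model.

```python
"""Prefix-dependent leakage recovery: added example, not code from the paper.

Model (an assumption of this example, chosen to match the abstract's
setting): a device computes y = g^d mod p with left-to-right
square-and-multiply, and the attacker observes leak(acc_i) for the
accumulator acc_i after each exponent bit is processed.  Because acc_i is
a deterministic function of the prefix d_1..d_i only, candidate prefixes
can be grown one bit at a time and pruned as soon as the simulated
accumulator contradicts the observed leakage.  The number of surviving
candidates per level behaves like a branching (Galton-Watson) process.
The concrete leakage functions below (low bits, Hamming weight) are
illustrative assumptions, not the paper's model.
"""
from typing import Callable, Dict, List, Tuple

P = 2**31 - 1          # Mersenne prime, used as the group modulus (toy size)
G = 7                  # primitive root mod P, so ord(G) = P - 1 > 2**NBITS
NBITS = 20             # exponent length in this toy instance
SECRET_D = 0xB3F5A     # the secret exponent the attacker wants (constructed)


def to_bits(x: int, n: int) -> List[int]:
    """Most-significant-bit-first bit list of x, padded to n bits."""
    return [(x >> (n - 1 - i)) & 1 for i in range(n)]


def from_bits(bits: List[int]) -> int:
    acc = 0
    for b in bits:
        acc = (acc << 1) | b
    return acc


def square_and_multiply_trace(g: int, d_bits: List[int], p: int) -> List[int]:
    """Left-to-right square-and-multiply; returns the accumulator after each bit.
    This is the 'deterministic algorithm processing the secret bits sequentially'."""
    acc, trace = 1, []
    for b in d_bits:
        acc = acc * acc % p
        if b:
            acc = acc * g % p
        trace.append(acc)
    return trace


def low_bits_leak(k: int) -> Callable[[int], int]:
    """Leakage model (assumed): the k least-significant bits of each intermediate."""
    return lambda x: x & ((1 << k) - 1)


def hamming_weight_leak(x: int) -> int:
    """Leakage model (assumed): the Hamming weight of each intermediate."""
    return bin(x).count("1")


def recover_exponent(g: int, p: int, y: int, observed: List[int],
                     leak: Callable[[int], int]) -> Tuple[List[int], Dict[str, int]]:
    """Breadth-first search over exponent prefixes consistent with the leakage.

    frontier holds (prefix_bits, simulated_acc) pairs.  Each level extends
    every survivor by 0 and 1, keeping only children whose simulated
    accumulator leaks the observed value.  Survivors of the last level are
    checked against the public value y = g^d mod p, which is decisive here
    because ord(g) > 2**NBITS.  Returns (candidates, search statistics)."""
    frontier: List[Tuple[List[int], int]] = [([], 1)]
    stats = {"nodes": 0, "max_frontier": 1}
    for obs in observed:
        nxt = []
        for prefix, acc in frontier:
            sq = acc * acc % p
            for b, cand in ((0, sq), (1, sq * g % p)):
                stats["nodes"] += 1
                if leak(cand) == obs:          # prune prefixes contradicting the leak
                    nxt.append((prefix + [b], cand))
        frontier = nxt
        stats["max_frontier"] = max(stats["max_frontier"], len(frontier))
        if not frontier:
            break
    candidates = [from_bits(prefix) for prefix, acc in frontier if acc == y]
    return candidates, stats


def demo(leak: Callable[[int], int]) -> Tuple[List[int], Dict[str, int]]:
    """Simulate the victim, collect the leakage, and run the recovery."""
    d_bits = to_bits(SECRET_D, NBITS)
    trace = square_and_multiply_trace(G, d_bits, P)   # victim's intermediates
    observed = [leak(x) for x in trace]              # what the side channel yields
    y = pow(G, SECRET_D, P)                          # public value
    return recover_exponent(G, P, y, observed, leak)


if __name__ == "__main__":
    for name, leak in (("low 4 bits", low_bits_leak(4)),
                       ("Hamming weight", hamming_weight_leak)):
        cands, st = demo(leak)
        print(f"{name}: recovered {[hex(c) for c in cands]}, nodes visited "
              f"{st['nodes']}, max frontier {st['max_frontier']} "
              f"(exhaustive search would be 2**{NBITS})")
```

The `max_frontier` statistic is the quantity the Galton–Watson keyword points at: every wrong prefix spawns two children, each of which survives with the probability that a random intermediate happens to match the observed leakage. When the expected number of surviving children per wrong node is below one, the population of false candidates dies out and the search stays linear in the key length; when it is above one, the frontier grows exponentially and the leakage is too weak to exploit this way.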

Bibliographic Details
Main Authors: Ferradi Houda, Géraud Rémi, Guilley Sylvain, Naccache David, Tibouchi Mehdi
Format: Article
Language: English
Published: De Gruyter 2020-06-01
Series: Journal of Mathematical Cryptology
Subjects: Galton–Watson process; discrete logarithm problem; cryptanalysis; MSC 94A60, 11T71
Online Access: https://doi.org/10.1515/jmc-2015-0048
id doaj-5e292d07eb0a4f6388e5c1a9f335f895
record_format Article
collection DOAJ
record_timestamp 2021-09-06T19:40:44Z
language eng
publisher De Gruyter
series Journal of Mathematical Cryptology
issn 1862-2976, 1862-2984
publishDate 2020-06-01
volume 14
issue 1
pages 15–24
doi 10.1515/jmc-2015-0048
article_id jmc-2015-0048
title Recovering Secrets From Prefix-Dependent Leakage
author Ferradi Houda (NTT Secure Platform Laboratories, 3–9–11 Midori-cho, Musashino-shi, Tokyo 180–8585, Japan)
author Géraud Rémi (École normale supérieure, Computer Science Department, 45 rue d’Ulm, 75230 Paris Cedex 05, France)
author Guilley Sylvain (Telecom-ParisTech, Comelec Dept., 46 rue Barrault, F-75634 Paris Cedex 13, France)
author Naccache David (École normale supérieure, Computer Science Department, 45 rue d’Ulm, 75230 Paris Cedex 05, France)
author Tibouchi Mehdi (NTT Secure Platform Laboratories, 3–9–11 Midori-cho, Musashino-shi, Tokyo 180–8585, Japan)
description We discuss how to recover a secret bitstring given partial information obtained during a computation over that string, assuming the computation is a deterministic algorithm processing the secret bits sequentially. That abstract situation models certain types of side-channel attacks against discrete logarithm and RSA-based cryptosystems, where the adversary obtains information not on the secret exponent directly, but instead on the group or ring element that varies at each step of the exponentiation algorithm.
url https://doi.org/10.1515/jmc-2015-0048
topic galton–watson process; discrete logarithm problem; cryptanalysis
msc 94A60 (Cryptography); 11T71 (Algebraic coding theory; cryptography)