AI Engineer - Learn how to integrate AI into software applications
Start speaking a new language. It’s just 3 weeks away.
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore fault attacks on CCA-secure lattice-based Key Encapsulation Mechanisms (KEMs) in this 45-minute talk by Peter Pessl at the Workshop on Attacks in Cryptography, held in conjunction with Crypto 2021. Delve into the implementation security of lattice KEMs, focusing on Kyber and Saber. Examine the LPR encryption scheme, Fujisaki-Okamoto transformation, and the process of attacking an FO-KEM. Investigate effective and ineffective faults in the decoder, with a specific look at Kyber's decoding routine. Learn about extracting information through faulting the decoder, gathering inequalities, and solving for the key. Conclude with a discussion on potential countermeasures against these attacks.
Syllabus
Intro
What's that all about?
Status: Implementation Security of Lattice KEM
Kyber, Saber: High-Level Similarities
Our Attack
The LPR Encryption Scheme: Noisy ElGamal
Correctness and Decoding
Fujisaki-Okamoto: CPA PKE
Attacking an FO-KEM
Effective vs. Inflective Faults
(In)Effective Faults in the Decoder
Kyber's Decoding Routine
Faulting the Decoder
Extracting Information
Gathering Inequalities
Solving for the key
Solving Approach
Countermeasures?
Taught by
TheIACR