SIKE Channels – zero value side-channel attacks on SIKE

Опубликовано 10 октября 2022, 19:49

We present new side-channel attacks on SIKE. Previous works had shown that SIKE is vulnerable to differential power analysis and pointed to coordinate randomization as an effective countermeasure. We show that coordinate randomization alone is not sufficient, as SIKE is vulnerable to a class of attacks similar to refined power analysis in elliptic curve cryptography, named zero-value attacks. We confirm the attacks in lab on a 32-bit ARM Cortex-M4. We also give a comment on Hertzbleed, a recent side-channel attack which exploits a weakness of x86, allowing it to extend our attack into a timing attack.

Novak Kaluđerović is a PhD student in mathematics and cryptography at EPFL, Switzerland. His interests are algebraic and computational number theory, and post-quantum cryptographic protocols. He enjoys working on low-level and high-efficiency implementations, and also on side-channel attacks, especially on SIKE.