Flush, Gauss, and Reload – a cache attack on the BLISS lattice-based signature scheme

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, Academic, peer-reviewed

58 citations (Scopus)

Abstract

We present the first side-channel attack on a lattice-based signature scheme, using the Flush+Reload cache attack. The attack targets the discrete Gaussian sampler, an important step in the Bimodal Lattice Signature Scheme (BLISS). After observing only 450 signatures with a perfect side channel, an attacker is able to extract the secret BLISS key in less than 2 minutes, with a success probability of 0.96. Similar results are achieved in a proof-of-concept implementation using the Flush+Reload technique with fewer than 3500 signatures. We show how to attack sampling from a discrete Gaussian using CDT or Bernoulli sampling by showing potential information leakage via cache memory. For both sampling methods, a strategy is given to use this additional information, finalize the attack and extract the secret key. We provide experimental evidence for the idealized perfect side-channel attacks and the Flush+Reload attack on two recent CPUs.
Original language: English
Title: Cryptographic Hardware and Embedded Systems - 18th International Conference, CHES 2016, Proceedings
Editors: B. Gierlichs, A.Y. Poschmann
Publisher: Springer
Pages: 323-345
Number of pages: 23
Volume: 9813
ISBN (electronic): 978-3-662-53140-2
ISBN (print): 978-3-662-53139-6
DOIs
Status: Published - 2016
Event: 18th International Conference on Cryptographic Hardware and Embedded Systems, CHES 2016 - Santa Barbara, United States of America
Duration: 17 Aug 2016 to 19 Aug 2016

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 9813
ISSN (print): 0302-9743
ISSN (electronic): 1611-3349

Conference

Conference: 18th International Conference on Cryptographic Hardware and Embedded Systems, CHES 2016
Country: United States of America
City: Santa Barbara
Period: 17/08/16 to 19/08/16


Cite this

Bruinderink, L. G., Hülsing, A. T., Lange, T., & Yarom, Y. (2016). Flush, Gauss, and Reload – a cache attack on the BLISS lattice-based signature scheme. In B. Gierlichs, & A. Y. Poschmann (Eds.), Cryptographic Hardware and Embedded Systems - 18th International Conference, CHES 2016, Proceedings (Vol. 9813, pp. 323-345). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9813). Springer. https://doi.org/10.1007/978-3-662-53140-2_16