TY - BOOK
T1 - Flush, Gauss, and reload : a cache attack on the BLISS lattice-based signature scheme
AU - Groot Bruinderink, L.
AU - Hülsing, A.T.
AU - Lange, T.
AU - Yarom, Y.
PY - 2016
Y1 - 2016
N2 - We present the first side-channel attack on a lattice-based signature scheme, using the FLUSH+RELOAD cache-attack. The attack is targeted at the discrete Gaussian sampler, an important step in the Bimodal Lattice Signature Schemes (BLISS). After observing only 450 signatures with a perfect side-channel, an attacker is able to extract the secret BLISS-key in less than 2 minutes, with a success probability of 0.96. Similar results are achieved in a proof-of-concept implementation using the FLUSH+RELOAD technique with less than 3500 signatures.
M3 - Report
T3 - Cryptology ePrint Archive
BT - Flush, Gauss, and reload : a cache attack on the BLISS lattice-based signature scheme
PB - IACR
CY - s.l.
ER -