The problem we tackle: less than 1 bit of nonce leakage
15. How to attack the HNP
16. New attack records for the HNP!
17. The Fourier analysis-based attack?
18. Bleichenbacher's Attack High-level Overview
19. Step 1. Bias Function (Essentially DFT)
20. Handy Form of the Bias Function
21. Modeling Erroneous Input
22. Step 2. Detecting the Bias Peak (Naive Approach)
23. Problem: Naive Approach is inefficient!
24. Solution: Collision Search to Broaden the Peak
25. Collision Search Problem in Bleichenbacher's Framework
26. K-list Sum Algorithm for GBP (e.g., X = 4)
27. Applying Howgrave-Graham and Joux's K-list Sum Algorithm
28. Unified Time Memory Data Tradeoffs
29. Tradeoff Graphs for 1-bit Bias
30. Experimental Results on Full Key Recovery
31. Conclusion
Description:
Explore a comprehensive presentation on LadderLeak, delivered by Diego F. Aranha and Akira Takahashi at the Workshop on Attacks in Cryptography (WAC 2020). Delve into the intricacies of ECDSA and Schnorr signatures, examining the risks associated with biased or leaky randomness in cryptographic systems. Discover real-world examples of randomness failures and learn about contributions to the field. Investigate side-channel attacks in scalar multiplication, including cache-timing attacks on prime and binary curves. Analyze the problem of nonce leakage, exploring attacks on the Hidden Number Problem (HNP) and Bleichenbacher's attack. Gain insights into Fourier analysis-based approaches, collision search techniques, and the K-list sum algorithm. Examine unified time-memory-data tradeoffs and experimental results on full key recovery. Enhance your understanding of cryptographic vulnerabilities and potential countermeasures in this in-depth 46-minute talk.