Fault Injection Attacks on RSA and CSIDH

Chiu, TingHung

16 May 2024

Fault injection attacks are a powerful technique that intentionally induces faults during computations to leak secret information. This thesis studies the fault injection attack techniques. The thesis first categorizes various fault attack methods by fault model and fault analysis and gives examples of the various fault attacks on symmetric key cryptosystems and public key cryptosystems. The thesis then demonstrates fault injection attacks on RSA-CRT and constant time CSIDH. The fault attack consists of two main components: fault modeling, which examines methods for injecting faults in a target device, and fault analysis, which analyzes the resulting faulty outputs to deduce secrets in each cryptosystem. The thesis aims to provide a comprehensive survey on fault attack research, directions for further study on securing real-world cryptosystems against fault injection attacks, testing fault injection attacks with RSA-CRT, and demonstrate and evaluate fault injection attacks on constant time CSIDH. / Master of Science / Fault injection attacks are attacks where the attackers intentionally induce the fault in the device during the operation to obtain or recover secret information. The induced fault will impact the operation and cause the faulty output, providing the information to attackers. Many cryptographic algorithms and devices have been proven vulnerable to fault injection attacks. Cryptography is essential nowadays, as it is used to secure and protect confidential data. If the cryptosystem is broken, many system today will be compromised. Thus, this thesis focus on the fault injection attacks on the cryptosystems. This thesis introduces the background of fault injection attacks, categorizes them into different types, and provides examples of the attacks on cryptosystems. The thesis studies how the attacks work, including how the attack induces the fault in the device and how the attack analyzes the fault output they obtained. Specifically, I examine how these attacks affect two commonly used encryption methods: symmetric key cryptography and public key cryptography. Additionally, I implement the fault injection attack on RSA-CRT and emph{Commutative Supersingular Isogeny Diffie-Hellman}~(CSIDH). This research aims to understand the potential attack method on different cryptosystems and can explore mitigation or protection in the future.

Fault Injection Attack

RSA

CSIDH

A Performance Evaluation of Post-Quantum Cryptography in the Signal Protocol / En prestandautvärdering av kvantsäkert krypto i Signal-protokollet

Alvila, Markus

January 2019

The Signal protocol can be considered state-of-the-art when it comes to secure messaging, but advances in quantum computing stress the importance of finding post-quantum resistant alternatives to its asymmetric cryptographic primitives. The aim is to determine whether existing post-quantum cryptography can be used as a drop-in replacement for the public-key cryptography currently used in the Signal protocol and what the performance trade-offs may be. An implementation of the Signal protocol using commutative supersingular isogeny Diffie-Hellman (CSIDH) key exchange operations in place of elliptic-curve Diffie-Hellman (ECDH) is proposed. The benchmark results on a Samsung Galaxy Note 8 mobile device equipped with a 64-bit Samsung Exynos 9 (8895) octa-core CPU shows that it takes roughly 8 seconds to initialize a session using CSIDH-512 and over 40 seconds using CSIDH-1024, without platform specific optimization. To the best of our knowledge, the proposed implementation is the first post-quantum resistant Signal protocol implementation and the first evaluation of using CSIDH as a drop-in replacement for ECDH in a communication protocol.

post-quantum

resistant

cryptography

commutative

supersingular

isogeny

Diffie-Hellman

CSIDH

Signal

protocol

X3DH

Double Ratchet

Curve25519

performance

evaluation

CPU

profiling

Android

Engineering and Technology

Teknik och teknologier