Skip to main content

Side-Channel Attacks

Side-Channel Attacks

One approach to defeating cryptographic protections is to side-step them by exploiting side-channel information from the execution of a cryptographic algorithm. This could be timing information (how long some operation takes may depend on secret data), resource utilisation (e.g. was that line loaded into cache, and if so does this tell us something about the secrets?), power consumption (e.g. did the coprocessor spin up to crank some numbers?), or plain old error messages.

Researchers in the ISG study how to exploit such side-channel leakage in order to assess the risk of cryptographic implementations. For example, one class of attacks is called “cold boot attacks”. These attacks exploit that information in RAM is not necessarily immediately gone when the power is cut; instead a noisy version may be retained in memory for seconds (if not minutes) under deep cooling. The challenge in a second step is then to correct the errors introduced to recover the sensitive information, e.g. the secret secret.

Another area are lattices – whose study is a core expertise in the ISG – which are also central tools in side-channel analysis. This is because they are inherently geared towards “noisy” problems. Researchers in the ISG have applied lattice techniques to various side-channel problems to demonstrate that an attacker may use them to attack cryptographic schemes.

  • Martin R. Albrecht, Nadia Heninger: On Bounded Distance Decoding with Predicate: Breaking the "Lattice Barrier" for the Hidden Number Problem. EUROCRYPT 2021 https://github.com/malb/bdd-predicate/
  • Martin R. Albrecht, Amit Deo, Kenneth G. Paterson: Cold Boot Attacks on Ring and Module LWE Keys Under the NTT. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(3): 173-213 (2018) https://ia.cr/2018/672
  • Martin R. Albrecht, Carlos Cid: Cold Boot Key Recovery by Solving Polynomial Systems with Noise. ACNS 2011: 57-72 https://ia.cr/2011/038

Explore Royal Holloway