A Practicable Timing Attack Against HQC and its Countermeasure

In this paper, we present a practicable chosen ciphertext timing attack retrieving the secret key of HQC. The attack exploits a correlation between the weight of the error to be decoded and the running time of the decoding algorithm of BCH codes. For the 128-bit security parameters of HQC, the attack runs in less than a minute on a desktop computer using 5441 decoding requests and has a success probability of approximately 93 percent. To prevent this attack, we propose a constant time algorithm for the decoding of BCH codes.
Our implementation of the countermeasure achieves a constant time execution of the decoding process without a significant performance penalty.

Previous News Next News

Related News

On the Efficiency of Software Implementations of Lightweight Block Ciphers from the Perspective of Programming Languages

A Scalable Blockchain Based Digital Rights Management System

GPU-Accelerated Branch-and-Bound Algorithm for Differential Cluster Search of Block Ciphers

Anonyma: Anonymous Invitation-Only Registration in Malicious Adversarial Model

Exploring Lightweight Efficiency of ForkAES

Efficient simulation of random states and random unitaries