Power analysis on FPGA implementation of Classic McEliece
(2021) EITM01 20211
Department of Electrical and Information Technology
- Abstract
- In this work, the hardware implementation of Classic McEliece has been assessed for side-channel leakage through a power analysis. The official, unprotected decryption procedure of Classic McEliece was implemented on a Xilinx Artix-7 field-programmable gate array (FPGA) and incorporated into the ChipWhisperer (CW) framework. Traces captured during decryption were assessed for information leakage, and it was concluded that the implementation leaks information at multiple points. A procedure for a partial message recovery on Classic McEliece was suggested, in which a neural network was employed to predict the distribution of bit values in the plaintext. The suggested attack procedure managed to predict whether the Hamming weight of the first half of the plaintext bits was greater than 32 or not with an accuracy of 78%. During the attack, only a single trace was used for predicting the Hamming weight. The suggested attack procedure targets the last step of decryption, where plaintext bits are recovered. More specifically, the suggested attack procedure exploits leakage from the incremental storage of plaintext bits in a shift register.
Please use this url to cite or link to this publication:
http://lup.lub.lu.se/student-papers/record/9067081
- author
- Johansson, Andreas LU
- supervisor
- Qian Guo LU
- organization
- course
- EITM01 20211
- year
- 2021
- type
- H2 - Master's Degree (Two Years)
- subject
- report number
- LU/LTH-EIT 2021-849
- language
- English
- id
- 9067081
- date added to LUP
- 2021-10-25 15:50:10
- date last changed
- 2021-10-25 15:50:10
@misc{9067081,
  abstract = {{In this work, the hardware implementation of Classic McEliece has been assessed for side-channel leakage through a power analysis. The official, unprotected decryption procedure of Classic McEliece was implemented on a Xilinx Artix-7 field-programmable gate array (FPGA) and incorporated into the ChipWhisperer (CW) framework. Traces captured during decryption were assessed for information leakage, and it was concluded that the implementation leaks information at multiple points. A procedure for a partial message recovery on Classic McEliece was suggested, in which a neural network was employed to predict the distribution of bit values in the plaintext. The suggested attack procedure managed to predict whether the Hamming weight of the first half of the plaintext bits was greater than 32 or not with an accuracy of 78~\%. During the attack, only a single trace was used for predicting the Hamming weight. The suggested attack procedure targets the last step of decryption, where plaintext bits are recovered. More specifically, the suggested attack procedure exploits leakage from the incremental storage of plaintext bits in a shift register.}},
  author = {{Johansson, Andreas}},
  language = {{eng}},
  note = {{Student Paper}},
  title = {{Power analysis on FPGA implementation of Classic McEliece}},
  year = {{2021}},
}