OT-PCA: New Key-Recovery Plaintext-Checking Oracle Based Side-Channel Attacks on HQC with Offline Templates
(2025) In IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) 2025(1).
- Abstract
- In this paper, we introduce OT-PCA, a novel approach for conducting Plaintext-Checking (PC) oracle based side-channel attacks, specifically designed for Hamming Quasi-Cyclic (HQC). By calling the publicly accessible HQC decoder, we build offline templates that enable efficient extraction of soft information for hundreds of secret positions with just a single PC oracle call. Our method addresses critical challenges in optimizing key-related information extraction, including maximizing decryption output entropy and ensuring error pattern independence, through the use of genetic-style algorithms.
Extensive simulations demonstrate that our new attack method significantly reduces the required number of oracle calls, achieving a 2.4-fold decrease for hqc-128 and even greater reductions for hqc-192 and hqc-256 compared to current state-of-the-art methods. Notably, the attack shows strong resilience against inaccuracy in the PC oracle—when the oracle accuracy decreases to 95%, the reduction factor in oracle call requirements increases to 7.6 for hqc-128.
Lastly, a real-world evaluation conducted using power analysis on a platform with an ARM Cortex-M4 microcontroller validates the practical applicability and effectiveness of our approach.
Please use this URL to cite or link to this publication:
https://lup.lub.lu.se/record/b5fe5a05-b34b-40d6-af98-0ef9895d8769
- author
- Dong, Haiyue LU and Guo, Qian LU
- organization
- publishing date
- 2025
- type
- Contribution to journal
- publication status
- published
- subject
- in
- IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)
- volume
- 2025
- issue
- 1
- publisher
- Ruhr-University of Bochum
- external identifiers
- scopus:85215442866
- ISSN
- 2569-2925
- DOI
- 10.46586/tches.v2025.i1.251-274
- language
- English
- LU publication?
- yes
- id
- b5fe5a05-b34b-40d6-af98-0ef9895d8769
- date added to LUP
- 2025-02-19 06:39:20
- date last changed
- 2025-05-29 12:09:24
@article{b5fe5a05-b34b-40d6-af98-0ef9895d8769,
  abstract = {{In this paper, we introduce OT-PCA, a novel approach for conducting Plaintext-Checking (PC) oracle based side-channel attacks, specifically designed for Hamming Quasi-Cyclic (HQC). By calling the publicly accessible HQC decoder, we build offline templates that enable efficient extraction of soft information for hundreds of secret positions with just a single PC oracle call. Our method addresses critical challenges in optimizing key-related information extraction, including maximizing decryption output entropy and ensuring error pattern independence, through the use of genetic-style algorithms.<br/>Extensive simulations demonstrate that our new attack method significantly reduces the required number of oracle calls, achieving a 2.4-fold decrease for hqc-128 and even greater reductions for hqc-192 and hqc-256 compared to current state-of-the-art methods. Notably, the attack shows strong resilience against inaccuracy in the PC oracle—when the oracle accuracy decreases to 95%, the reduction factor in oracle call requirements increases to 7.6 for hqc-128.<br/>Lastly, a real-world evaluation conducted using power analysis on a platform with an ARM Cortex-M4 microcontroller validates the practical applicability and effectiveness of our approach.}},
  author = {{Dong, Haiyue and Guo, Qian}},
  issn = {{2569-2925}},
  language = {{eng}},
  number = {{1}},
  publisher = {{Ruhr-University of Bochum}},
  series = {{IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)}},
  title = {{OT-PCA: New Key-Recovery Plaintext-Checking Oracle Based Side-Channel Attacks on HQC with Offline Templates}},
  url = {{http://dx.doi.org/10.46586/tches.v2025.i1.251-274}},
  doi = {{10.46586/tches.v2025.i1.251-274}},
  volume = {{2025}},
  year = {{2025}},
}