Presentation at the international conference ACNS2023

We gave a presentation at Applied Cryptography and Network Security 2023 (ACNS2023), held in Kyoto.

  • HS-Based Error Correction Algorithm for Noisy Binary GCD Side-Channel Sequences, by Kenta Tani and Noboru Kunihiro, in Proc. of Applied Cryptography and Network Security 2023 (ACNS2023), LNCS 13905, pp. 59-88, 2023. [DOI]

Abstract:
The secure implementation of the Greatest Common Divisor (GCD) algorithm is fundamental for many cryptographic schemes. The binary GCD algorithm has a highly input-dependent behavior. Therefore, we must carefully implement the binary GCD used in cryptographic systems. However, it has been noted that the binary GCD algorithm implemented in OpenSSL 1.1.0-1.1.0h and 1.0.2b-1.0.2o is not secure. Aldaya et al. presented this vulnerability at CHES2019. They also proposed a side-channel attack to collect sequences of operations performed by the binary GCD algorithm and an error correction algorithm (AGTB algorithm) to recover the LSBs of secret keys from the noisy sequences. In this paper, we propose an error correction algorithm that, like the AGTB algorithm, focuses on only a single type of error. We evaluate our algorithm using numerical experiments that reveal that our algorithm achieves a higher recovery rate than the AGTB algorithm.
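
To illustrate the input-dependent behavior the abstract refers to, the following added example (not code from the paper or from OpenSSL) instruments a textbook binary GCD on 64-bit words and records its sequence of operations. The function name `bgcd_trace` and the labels `S` (right shift) and `X` (subtraction) are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Textbook binary GCD (Stein's algorithm), instrumented for illustration.
 * Each loop iteration appends one character to `trace`:
 *   'S' = a right shift was performed, 'X' = a subtraction was performed.
 * `trace` must have room for at least one byte (cap >= 1); the trace is
 * truncated if it does not fit. Returns gcd(a, b). */
uint64_t bgcd_trace(uint64_t a, uint64_t b, char *trace, size_t cap)
{
    size_t n = 0;
    unsigned shift = 0;

    trace[0] = '\0';
    if (a == 0) return b;
    if (b == 0) return a;

    /* Strip the common power of two; it is restored at the end. */
    while (((a | b) & 1) == 0) { a >>= 1; b >>= 1; shift++; }

    while (a != b) {
        char op;
        /* Which branch runs depends on the low bits and the relative size
         * of the operands, so the operation sequence is a function of the
         * input values themselves. */
        if ((a & 1) == 0)      { a >>= 1; op = 'S'; }
        else if ((b & 1) == 0) { b >>= 1; op = 'S'; }
        else if (a > b)        { a -= b;  op = 'X'; }
        else                   { b -= a;  op = 'X'; }
        if (n + 1 < cap) trace[n++] = op;
    }
    trace[n] = '\0';
    return a << shift;
}

int main(void)
{
    /* Constructed sample inputs: same bit length, same gcd, different traces. */
    uint64_t in[2][2] = { {13, 17}, {15, 17} };
    char t[128];
    for (int i = 0; i < 2; i++) {
        uint64_t g = bgcd_trace(in[i][0], in[i][1], t, sizeof t);
        printf("gcd(%llu, %llu) = %llu  trace = %s\n",
               (unsigned long long)in[i][0], (unsigned long long)in[i][1],
               (unsigned long long)g, t);
    }
    return 0;
}
```

Both constructed input pairs have the same bit length and the same result, yet the recorded operation sequences differ, which is why an implementation used on secret values needs a control flow that does not depend on its operands.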