ROLLO was a candidate to the second round of the NIST Post-Quantum Cryptography standardization process. In the last update in April 2020, there was a key encapsulation mechanism (ROLLO-I) and a public-key encryption scheme (ROLLO-II). In this paper, we propose an attack to recover the syndrome during the decapsulation process of ROLLO-I. From this syndrome, we explain how to recover the private key. We target two constant-time implementations: the C reference implementation and a C implementation available on GitHub. By getting power measurements during the execution of the Gaussian elimination function, we are able to extract on a single trace each element of the syndrome. This attack can also be applied to the decry...
Algorithms for secure encryption in a post-quantum world are currently receiving a lot of attention ...
Hamming Quasi-Cyclic (HQC) is a code-based candidate of NIST post-quantum stan...
This paper describes the first practical single-trace side-channel power analysis of SIKE. While SIK...
ROLLO, for Rank-Ouroboros, LAKE and LOCKER, was a candidate to the second roun...
In this paper, we present a single-trace attack on a BIKE Cortex-M4 implementa...
Chou suggested a constant-time implementation for quasi-cyclic moderate-density parity-check (QC-MDPC...
Well before large-scale quantum computers will be available, traditional cryptosystems must be trans...
This paper presents a general strategy to recover a block cipher secret key in...
In the implementation of post-quantum primitives, it is well known that all computations that handle...
Submitted to ISIT 2018. The key encapsulation mechanism EDON-K was proposed in response to the call fo...
This paper presents a new profiling side-channel attack on CRYSTALS-Dilithium,...
This paper introduces a key encapsulation mechanism ROLLO+ and presents a constant-time AVX2 impleme...
During the standardisation process of post-quantum cryptography, NIST encourages research on side-ch...
In this paper, we propose the first key-recovery side-channel attack on Classic McEliece, a KEM fina...
The Gaussian sampler is an integral part in lattice-based cryptography as it has a direct connection...