Authors: 邵岩 刘月君 周永彬 SHAO Yan; LIU Yuejun; ZHOU Yongbin (School of Cyber Science and Engineering, Nanjing University of Science and Technology, Nanjing, Jiangsu 210094, China)
Affiliation: [1] School of Cyber Science and Engineering, Nanjing University of Science and Technology, Nanjing, Jiangsu 210094
Source: 《信息安全与通信保密》 (Information Security and Communications Privacy), 2024, No. 10, pp. 66-79, 14 pages in total
Abstract: NIST (National Institute of Standards and Technology) has released the first post-quantum cryptographic algorithm standard specifications (FIPS 203/204/205), and demonstration and verification work on migrating applications to post-quantum cryptography is also underway. In recent years, key mismatch attacks have attracted attention. Because a key mismatch attack is essentially a chosen-ciphertext attack, it is theoretically difficult to use one to break a CCA-secure post-quantum key encapsulation scheme. Based on this, a post-quantum cryptographic key mismatch backdoor attack scheme for typical application scenarios is proposed, and proof-of-concept experiments are carried out using an application of the TLS security protocol with CRYSTALS-KYBER as an example. The essence of this scheme is to embed a decapsulation implementation method that provides information for judging whether a key mismatch exists; users who carelessly use this type of decapsulation scheme will become victims. Simulation experiment results indicate that the victim's long-term secret key can be quickly recovered using this attack scheme.
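Keywords: key mismatch attack; backdoor attack; post-quantum key encapsulation scheme; Kyber
Classification number: TP309 [Automation and Computer Technology: Computer System Architecture]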