Fast and Frobenius: Rational Isogeny Evaluation over Finite Fields

Breaking DPA-protected Kyber via the pair-pointwise multiplication

We present a new template attack that allows us to recover the secret key in Kyber directly from the polynomial multiplication in the decapsulation process. This multiplication corresponds to pair-pointwise multiplications between the NTT …

Disorientation faults in CSIDH

We investigate a new class of fault-injection attacks against the CSIDH family of cryptographic group actions. Our disorientation attacks effectively flip the direction of some isogeny steps. We achieve this by faulting a specific subroutine, …

Efficient supersingularity testing over F_p and CSIDH key validation

On recovering block cipher secret keys in the cold boot attack setting

This paper presents a general strategy to recover a block cipher secret key in the cold boot attack setting. More precisely, we propose a key-recovery method that combines key enumeration algorithms and Grover's quantum algorithm to recover a block …

Wavelet: Code-based postquantum signatures with fast verification on microcontrollers

This work presents the first full implementation of Wave, a postquantum code-based signature scheme. We define Wavelet, a concrete Wave scheme at the 128-bit classical security level (or NIST postquantum security Level 1) equipped with a fast …

Quantum-Resistant Security for Software Updates on Low-power Networked Embedded Devices

As the Internet of Things (IoT) rolls out today to devices whose lifetime may well exceed a decade, conservative threat models should consider attackers with access to quantum computing power. The SUIT standard (specified by the IETF) defines a …

DAGS: Key Encapsulation using Dyadic GS Codes