Crypto Reading Group - Youcef Mokrani

Friday, February 13, 2026 10:30 am - 11:30 am EST (GMT -05:00)

Title: Adaptive Attacks Against FESTA Without Input Validation or Constant-Time Implementation

Speaker: Youcef Mokrani
Affiliation: University of Waterloo
Location: MC 6029

Abstract:

A FESTA trapdoor function is an isogeny-based trapdoor function built on an attempt to apply Kani's theorem to cryptography. This paper claims that there are adaptive attacks on a FESTA-based scheme if the scheme does not check the correctness of the input matrix or is not implemented in constant time. Our attacks do not apply to the constant-time implementation of the IND-CCA PKE scheme named FESTA proposed in the original FESTA paper. In this paper, we provide adaptive attacks on a FESTA trapdoor function that use auxiliary oracles to reveal the secret key of the function. These oracles may be constructed if the FESTA trapdoor function is used without validating the input matrix or is implemented in non-constant time.