About: 17 publications, 1,603 reads, 290 citations
Publications (17)
In this work we demonstrate various weaknesses of the random number generator (RNG) in the OpenSSL cryptographic library. We show how OpenSSL’s RNG, knowingly in a low entropy state, potentially leaks low entropy secrets in its output, which were never intentionally fed to the RNG by client code, thus posing vulnerabilities even when in the given u...
In this work we present the first implementation of the Dahmen-Krauß Hash-Chain Signature Scheme (DKSS) for short messages on a Wireless Sensor Node. We point out one error in the originally proposed scheme concerning the specification of the employed pseudo-random number generator and provide a corrected specification. We also give a new time-memo...
While it is generally believed that, due to their large public and private key sizes, code-based public key schemes like the McEliece PKC cannot be conveniently implemented on memory-constrained devices, we demonstrate otherwise. We show that for the public key we face a transmission problem rather than a storage problem: we propose an approach for P...
In this work, we introduce a new timing vulnerability in the decryption operation of the McEliece cryptosystem. Furthermore, we review previously known side channel and fault attacks against the RSA and McEliece cryptosystems and analyze them with respect to their differences and similarities concerning the respective points of attack. We show that...
The security of the McEliece public-key cryptosystem is based on the difficulty of the decoding problem, which is NP-hard. In this article, we propose a simple power analysis attack on this cryptosystem. The attack exploits an information leakage which results from the relation between the error vector weight and the iteration number of the extended Eu...
In this work we analyze five previously published or trivial approaches and two new hybrid variants for the task of finding the roots of the error locator polynomial during the decryption operation of code-based encryption schemes. We compare the performance of these algorithms and show that optimizations concerning finite field element r...
In this work we present the first practical key-aimed timing attack against code-based cryptosystems. It arises from vulnerabilities that are present in the inversion of the error syndrome through the Extended Euclidean Algorithm that is part of the decryption operation of these schemes. Three types of timing vulnerabilities are combined to a succ...
Many future electronic identity cards will be equipped with a contactless interface. Analysts expect that a significant proportion of future mobile phones will support Near Field Communication (NFC) technology. Thus, it is a reasonable approach to use the cell phone as a mobile smart card terminal, which in particular supports the Password Authenticated...
In this work we examine a number of different open source implementations of the RSA Optimal Asymmetric Encryption Padding (OAEP) and generally RSA with respect to the message-aimed timing attack introduced by James Manger in CRYPTO 2001. We show the shortcomings concerning the countermeasures in two libraries for personal computers, and address po...
The McEliece and the Niederreiter public key cryptosystems (PKC) are supposed secure in a post-quantum world (4) because there is no efficient quantum algorithm for the underlying problems upon which these cryptosystems are built. The CFS, Stern and KKS signature schemes are post-quantum secure because they are based on hard problems of coding theory....
In this work we present a novel timing attack against the McEliece public key cryptosystem (PKC). In contrast to former works investigating timing attacks that aim at recovering the message, we devise how to exploit a vulnerability in the Patterson algorithm that allows the attacker to gather information about the secret permutation through a timin...
In this paper we present a smart card implementation of the quantum computer resistant McEliece Public Key Cryptosystem (PKC) on an Infineon SLE76 chip. We describe the main features of the implementation, which focuses on performance optimization. We give the resource demands and timings for two sets of security parameters, the higher one being in...
The security of the McEliece public-key cryptosystem is based on the difficulty of the decoding problem, which is NP-hard. In this paper we propose a timing attack on the Patterson Algorithm, which is used for efficient decoding in Goppa codes. The attack is based on the relation between the error vector weight and the iteration number of the extended E...
The McEliece scheme is a code-based public-key cryptosystem. So far, this cryptosystem has not been widely employed because of efficiency questions regarding performance and communication overhead. This paper presents a novel processor architecture as a high-performance platform to execute key generation, encryption and decryption according to this cryptosy...
The McEliece public key cryptosystem (PKC) is regarded as secure in the presence of quantum computers because no efficient quantum algorithm is known for the underlying problems which this cryptosystem is built upon. As we show in this paper, a straightforward implementation of this system may feature several side channels. Specifically, we presen...