10:45h – One for All, All for Ascon: Ensemble-based Deep Learning Side-channel
Analysis (Azade Rezaeezade)
Abstract:
In recent years, deep learning-based side-channel analysis (DLSCA) has become
an active research topic within the side-channel analysis community. The
well-known challenge of hyperparameter tuning in DLSCA encouraged the community
to use methods that reduce the effort required to identify an optimal model.
One of the successful methods is ensemble learning. While ensemble methods have
demonstrated their effectiveness in DLSCA, particularly with AES-based
datasets, their efficacy in analyzing symmetric-key cryptographic primitives
with different operational mechanics remains unexplored.
Ascon was recently announced as the winner of the NIST lightweight cryptography
competition. This will lead to broader use of Ascon and a crucial requirement
for thorough side-channel analysis of its implementations. With these two
considerations in view, we utilize an ensemble of deep neural networks to
attack two implementations of Ascon. Using an ensemble of five multilayer
perceptrons or convolutional neural networks, we could find the secret key for
the protected Ascon implementation with fewer than 3,000 traces. To the best of
our knowledge, this is the best currently known result. We can also identify
the correct key with fewer than 100 traces for the unprotected implementation of
Ascon, which is on par with the state-of-the-art results.
11:30h – coffee break
11:45h – Analysis of HWQCS and Layered-ROLLO-I (Alex Pellegrini)
Research in the code-based cryptography area has led to the proposal of candidates to
post-quantum competitions using codes in both the Hamming and rank metrics. In
this talk I will present the cryptanalysis of Layered-ROLLO-I, a rank-metric
code-based cryptosystem submitted to the Korean Post-Quantum Cryptography
Competition, and HWQCS, a Hamming-metric signature scheme presented at ICISC
2023. I will show how to unwrap the layers of Layered-ROLLO-I, reducing it to a
weak version of ROLLO-I, and also describe an efficient message recovery attack
that only uses linear algebra. Moving to HWQCS, I will show that the signatures
leak substantial secret information, give a statistical modeling of the leakage,
and finally use this knowledge to mount an efficient universal forgery attack.
12:30h – lunch
14:00h – Towards Compressed Permutation Oracle (Dominique Unruh)
Abstract:
Compressed oracles (Zhandry, Crypto 2019) are a powerful technique to reason
about quantum random oracles, enabling a sort of lazy sampling in the presence
of superposition queries. A long-standing open question is whether a similar
technique can also be used to reason about random (efficiently invertible)
permutations.
In this work, we make a step towards answering this question. We first define
the compressed permutation oracle and illustrate its use. While the soundness
of this technique (i.e., the indistinguishability from a random permutation)
remains a conjecture, we show a curious 2-for-1 theorem: If we use the
compressed permutation oracle methodology to show that some construction (e.g.,
Luby-Rackoff) implements a random permutation (or strong qPRP), then we get the
fact that this methodology is actually sound for free.
14:45h – Coffee break
15:00h – Topology-Based Reconstruction Defences for Decentralised Learning (Florine Dekker)
Abstract:
Decentralised learning has recently gained traction as an alternative to
federated learning in which both data and coordination are distributed over the
users. To preserve the confidentiality of users' data, decentralised learning
relies on differential privacy, multi-party computation, or a combination
thereof. However, running multiple privacy-preserving summations in sequence
may, counterintuitively, decrease privacy in what is known as a reconstruction
attack. Unfortunately, current reconstruction countermeasures either do not
consider correlated data, or have been designed for centralised systems and
cannot trivially be adapted to the setting of decentralised learning.
In this work, we show that passive honest-but-curious adversaries can
reconstruct other users' private data after several privacy-preserving
summations. For example, in subgraphs with 18 users, we show that only three
passive honest-but-curious adversaries succeed at reconstructing private data
11.0% of the time, requiring an average of 8.8 summations per adversary. The
success rate is independent of the size of the full network. We consider weak
adversaries, who do not control the graph topology, and can exploit neither the
inner workings of the summation protocol nor the specifics of users' data.
We develop a mathematical understanding of how reconstruction relates to
topology and propose the first decentralised countermeasure to reconstruction
attacks as seen in decentralised learning. Specifically, we show that
reconstruction requires a number of adversaries linear in the length of the
network's shortest cycle. Consequently, reconstructing private data from
privacy-preserving summations is impossible in acyclic networks.
Our work is a stepping stone for a formal theory of decentralised
reconstruction defences through structured composition. Such a theory would
generalise our countermeasure beyond summation, define confidentiality in terms
of entropy, and describe the effects of (topology-aware) differential privacy.
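The abstract's topology result (reconstruction needs a number of adversaries linear in the length of the network's shortest cycle, and is impossible in acyclic networks) suggests a simple pre-deployment check on a proposed communication graph. The following is an added example, not code from the talk or its authors: it computes the girth (shortest cycle length) of an undirected topology with a BFS from every node and reports whether the graph is acyclic. The sample topologies (an 18-node ring, a star, a grid) are constructed here for illustration; the abstract only mentions subgraphs with 18 users, not their shape, and the constant in the "linear in" bound is not stated, so the check reports the girth itself rather than an adversary count.

```python
"""Girth check for a decentralised-learning topology (added example).

Assumes the communication graph is a simple undirected graph (no
self-loops, no multi-edges) given as (u, v) edge pairs. A larger girth
means more colluding adversaries are needed for reconstruction; an
acyclic graph (girth None) rules reconstruction out entirely, per the
talk's result.
"""
from collections import deque
from typing import Dict, Iterable, List, Optional, Tuple

Graph = Dict[str, List[str]]


def build_graph(edges: Iterable[Tuple[str, str]]) -> Graph:
    """Build an undirected adjacency dict from (u, v) pairs, dropping duplicates."""
    g: Graph = {}
    for u, v in edges:
        g.setdefault(u, [])
        g.setdefault(v, [])
        if v not in g[u]:
            g[u].append(v)
        if u not in g[v]:
            g[v].append(u)
    return g


def girth(g: Graph) -> Optional[int]:
    """Length of the shortest cycle, or None if the graph is acyclic.

    BFS from every node. When the search reaches an already visited node
    v from u and v is not u's BFS parent, the two tree paths plus the
    closing edge form a closed walk of length dist[u] + dist[v] + 1,
    which is at least the girth. Starting on a shortest cycle detects it
    exactly, so the minimum over all start nodes is the true girth.
    """
    best: Optional[int] = None
    for start in g:
        dist = {start: 0}
        parent: Dict[str, Optional[str]] = {start: None}
        queue = deque([start])
        while queue:
            u = queue.popleft()
            for v in g[u]:
                if v not in dist:
                    dist[v] = dist[u] + 1
                    parent[v] = u
                    queue.append(v)
                elif parent[u] != v:
                    cycle_len = dist[u] + dist[v] + 1
                    if best is None or cycle_len < best:
                        best = cycle_len
    return best


def assess_topology(edges: Iterable[Tuple[str, str]]) -> dict:
    """Summarise a proposed topology: node count, girth and whether it is acyclic."""
    g = build_graph(edges)
    k = girth(g)
    return {"nodes": len(g), "girth": k, "acyclic": k is None}


# Constructed sample topologies (not taken from the talk).
def ring(n: int) -> List[Tuple[str, str]]:
    return [(f"u{i}", f"u{(i + 1) % n}") for i in range(n)]


def star(n: int) -> List[Tuple[str, str]]:
    return [("hub", f"u{i}") for i in range(1, n)]


def grid(rows: int, cols: int) -> List[Tuple[str, str]]:
    edges = []
    for r in range(rows):
        for c in range(cols):
            if c + 1 < cols:
                edges.append((f"g{r}_{c}", f"g{r}_{c + 1}"))
            if r + 1 < rows:
                edges.append((f"g{r}_{c}", f"g{r + 1}_{c}"))
    return edges


if __name__ == "__main__":
    for name, edges in [("ring18", ring(18)), ("star18", star(18)), ("grid3x6", grid(3, 6))]:
        print(name, assess_topology(edges))
```

The ring of 18 users has girth 18 (every cycle is the whole ring), the star is acyclic, and the 3x6 grid has girth 4, so of the three the ring is the most resistant to reconstruction by the abstract's measure while the star rules it out. Running the check over candidate topologies before deployment is a cheap way to apply the talk's countermeasure without touching the summation protocol itself.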
15:45h – end of activities