Reverse Engineering Post-Quantum Cryptography Schemes to Find Rowhammer Exploits

Author

Sam LefforgeFollow

Date of Graduation

5-2023

Document Type

Thesis

Degree Name

Bachelor of Science

Department

Computer Science and Computer Engineering

Advisor/Mentor

Nelson, Alexander

Committee Member/Reader

Andrews, David

Committee Member/Second Reader

Huang, Mioaqing

Abstract

Post-quantum cryptography is a necessary countermeasure to protect against attacks from quantum computer. However, the post-quantum cryptography schemes are potentially vulnerable to side channel attacks. One such method of attacking involves creating bit-flips in victim memory through a process called Rowhammer. These attacks can vary in nature, but can involve rowhammering bits to raise the encryption scheme's decryption failure rate, or modifying the scheme's random seed. With a high enough decryption failure rate, it becomes feasible to generate sufficient information about the secret key to perform a key recovery attack. This thesis proposed two attacks on proposed post-quantum cryptography algorithms, namely Kyber and BIKE. This process involves profiling the memory to determine which bits can be flipped, massaging a victim page into the correct spot in physical memory, and degrading the cores so that our attack timing coincides with the refreshing of the system's DRAM. The thesis demonstrates both of these attacks in simulation, and further work will execute these attacks on real hardware.

Keywords

Side-channel, rowhammer, BIKE, Kyber, CRYSTALS-Kyber

Citation

Lefforge, S. (2023). Reverse Engineering Post-Quantum Cryptography Schemes to Find Rowhammer Exploits. Computer Science and Computer Engineering Undergraduate Honors Theses Retrieved from https://scholarworks.uark.edu/csceuht/113