惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园 - 司徒正美
D
Darknet – Hacking Tools, Hacker News & Cyber Security
M
MIT News - Artificial intelligence
腾讯CDC
IT之家
IT之家
Microsoft Azure Blog
Microsoft Azure Blog
M
Microsoft Research Blog - Microsoft Research
阮一峰的网络日志
阮一峰的网络日志
H
Help Net Security
L
LangChain Blog
G
Google Developers Blog
Stack Overflow Blog
Stack Overflow Blog
人人都是产品经理
人人都是产品经理
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 【当耐特】
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
U
Unit 42
Recent Announcements
Recent Announcements
S
SegmentFault 最新的问题
大猫的无限游戏
大猫的无限游戏
博客园 - Franky
T
The Blog of Author Tim Ferriss
罗磊的独立博客
宝玉的分享
宝玉的分享
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
雷峰网
雷峰网
D
DataBreaches.Net
爱范儿
爱范儿
Schneier on Security
Schneier on Security
P
Palo Alto Networks Blog
Spread Privacy
Spread Privacy
Hugging Face - Blog
Hugging Face - Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
K
Kaspersky official blog
P
Privacy & Cybersecurity Law Blog
博客园_首页
T
Threat Research - Cisco Blogs
I
InfoQ
有赞技术团队
有赞技术团队
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Recorded Future
Recorded Future
量子位
H
Hackread – Cybersecurity News, Data Breaches, AI and More
GbyAI
GbyAI
Cyberwarzone
Cyberwarzone
B
Blog
C
Check Point Blog
P
Proofpoint News Feed
S
Securelist
A
Arctic Wolf

Cryptology ePrint Archive

Beyond 128 Bits: The Concrete Security of EKE Streamlined Symmetric Private Information Retrieval via Rényi Divergence Guess-and-Determine Rebound Revisited: Full Quantum Collision Attack on AES-256 in DM Hash Mode Decomposition of the Ate Pairing and its Relation to Generalized Pairing Inversion Round-Optimal Subversion-Resilient UC PAKE from Malleable Trapdoor Smooth Projective Hash Functions AWARE: A Non-Interactive Anonymous Whistleblowing System against Recipient Corruption Ciphertext-Updatable Attribute-Based and Predicate Encryption from Lattices Finding Random Collisions for Random Degree-2 Functions Safe and Secure Autonomy by Machine Learning Techniques: A Systematic Literature Review Doubly Aggregatable Signatures CoNAN: A Structure-Aware Framework for Lattice Cryptanalysis Classical and Quantum Full Plaintext Recovery for Low-Round Feistel-Type Designs Related-Differential Distinguishers on up to 7 Rounds of AES Scaling Intelligence: Verifiable Decision Forest Inference with $\textit{Remainder}$ On Publicly Verifiable Tokens in Group Signatures with Message-Dependent Opening Resettable Non-Interactive Zero-Knowledge: Attacks and Defenses SoK: Rijndael-256 Vistrutah on FPGA: High-Throughput Pipelined Architecture and Comparison with Wider AES Variant A New Construction Method for More Efficient Quadratic One-Time Noisy Multi-Client Functional Encryption Schemes When Removing Reductions Goes Wrong: Auditing Reduction Placement in Production ML-DSA Implementations Compact Quaternion Algorithms for SQIsign Pushforward Problems and Applications to Isogeny-based Cryptography Towards a Unified Memory-Less Framework for TCitH Collusion-Resistant Asymmetric Anamorphic Encryption: Framework, Generic Construction, and Concrete Instantiations Computing Asymptotic Bounds for the Automated Coppersmith Method via Linear Programming Sparse Hermite Interpolation Method for Discrete-CKKS Functional Bootstrapping Geometric Critical Point Screening: Clustering-Free Cryptanalytic Extraction of Neural Network Models Separating the Pebbling Model from the Random Oracle Model Faster CoeffToSlot and SlotToCoeff for Sparsely Packed Ciphertexts with Application to CKKS Bootstrapping Thorns in Polynomial Convolution: Correlation, Large Deviations, and Applications Schnorr-like Proofs of Knowledge for Hidden Oil Subspaces in UOV On the Formal Verification of Authenticated Encryption of the MQTT Protocol On the Security of Public Key Authenticated Encryption with Keyword Search with Sender-independent Search Complexity Symmetric Attribute-Based Encryption from Minimal Hardness Assumptions Quantum and Post-Quantum Blockchain: A Systematic Survey Efficient Homomorphic String Search via TFHE Comments on "Server-Aided Public Key Authenticated Searchable Encryption With Constant Ciphertext and Constant Trapdoor" Updatable Public-Key Encryption from FESTA Sequence-Level Security for Active Weighted Signature Reconfiguration Linear self-equivalence of the known families of APN functions: a unified point of view Can We Tolerate Small Side-Channel Leakages: The Role of Registers in Glitch-Stopping Circuits Signal and Ready to MINGLE: In-Band Gossip for Key Transparency Split-View Detection in E2EE Messengers Constant-Online PVSS from CCA2-Secure Threshold Encryption: A Generic Framework Unified FPGA Design of Kyber and Dilithium with Provable Fault Tolerance Quantum Circuit Implementation and Grover’s Search on the Lightweight Block Cipher KLEIN Family Current trends in AI-Aided Cryptography More from Less: Composable General Multi-Party Computation with Global Public Verifiability from a Single Enclave Only PQKryvos: Post-Quantum Secure E-Voting With Flexible Ballot Formats and Public Tally-Hiding A Blockchain-Based Pre-Verification Access Control Scheme with Vector Commitments and Bulletproofs On weak keys of POK\'{E} Distributed Simon's Algorithm with Less Per-Node Qubit Overhead and Its Application to Cryptanalysis Information-Theoretic Optimistic Verifiable Secret Sharing Modern Portfolio Theory in the Crypto-Wilderness Balanced and Adaptively Secure Asynchronous Common Coin and Byzantine Agreement With Sub-Quadratic Communication Miraidon: MinRank Identification Topology-Hiding Computation From Key Agreement in Diameter-Two Graphs On Local Invariants for Permutation Equivalence Super-intelligence Survival Guide: Verification via Proof-Carrying Output Format-Preserving Encryption Creates a Privacy Attack Surface for Re-Identification Suppressing Hidden Extension-Field Linearity in Rank-Metric Cryptography via Structural Incompatibility DDYF: Differential Dolev-Yao Fuzzing of Cryptographic Protocols Single-Trace Power Analysis of LESS Key Generation BumbleBee: Best-of-Both-Worlds MVBA with Optimal Communication, Latency and Resilience Tradeoffs Maskaglia: A New, Efficient Approach to Masked Discrete Gaussian Sampling Impact of Post-Quantum Signatures on InnoDB B+-Trees and Efficient Batch Signing VeinoCert: Binding an Object to an Owner A New Insight into Constructing Cryptographic Boolean Functions via Walsh Spectral Analysis Quantum algorithm for Discrete Gaussian Sampling A formal analysis of FLEX and FLEX2 Zero-shot deep-unfolding decoder for QC-MDPC McEliece cryptosystems Profiling-Device-Free SASCA Framework for ML-KEM Key-Independent Secret-Key Distinguisher for 7-Round AES based on the Joint Generalized Zero-Difference Property Improved Dual Attack via Quantum Rejection Sampling Verifying Consensus Protocols from LLM-assisted TLA$^+$: A Case Study of Byzantine Reliable Broadcast ThriftyMPC: Reducing the Cost of Large-Scale MPC in the Cloud Revisiting DKLs Threshold ECDSA: Enhanced OT-based VOLE and Two-Party Signing Functional Bootstrapping for a Single LWE Ciphertext with \(\tilde{O}(1)\) Polynomial Multiplications LoTRS: Practical Post-Quantum Structured Threshold Ring Signatures from Lattices Asynchronous Lagrange-Based Threshold FHE with Smaller Modulus Overhead Breaking ACDGV MinRank Gabidulin encryption schemes over matrix codes Explicit cost analysis of Toom-4 multiplication for incomplete NTT in lattice-based cryptography Security Analysis on a Blockchain-based Public-Key Authenticated Searchable Encryption Scheme Icy-DVRF: A Distributed Verifiable Random Function based on FROST signatures Frobenius-UOV: A Very Efficient Multivariate Public Key Signature Scheme Revisiting Linear Subspace Trails in Poseidon2 and Neptune A New Multiscalar Multiplication Method Resistant to Timing Attacks Device Binding for Anonymous Credentials on Legacy Phones Beyond Quadratic: Unlocking Pseudorandomness with Quartic Character Multi-leveled and ISA/IEC 62443-aware Certificate Transparency to Protect the PKI Service Supply Chain of Operational Technology rBFT: a Revamped Two-Stage BFT from Delegated Committee Delving Deep into Security Guarantees against Integral Distinguishers with Applications to PRESENT, TWINE and LBLOCK On the Communication Complexity of Sleepy Consensus Operationalising Post‑Quantum TLS: Automated Configuration Profiling and Hybrid PQC Deployment in Financial Infrastructure Enhancing Blockchain Proof of Stake with Active Weighted Signatures: The ADAPT Framework Threshold FHE with Short Decryption Shares without a Semi-trusted Server Efficient Bootstrapping in Fully Homomorphic Encryption for Matrix Arithmetic YsPIR: HE-Based Single-Server Private Information Retrieval with Low Communication Cost and High Throughput Black-box validation of Falcon key generation under numerical instability Tight Lattice-Based Signatures without Trapdoors from Search LWE Formalizing Blockchain PQC Signature Transition: How to Outpace Quantum Adversaries
Full Key Recovery of Masked PRESENT on an Out-of-Order RISC-V Processor: A First Reported Case Study
Siddhartha C · 2026-05-25 · via Cryptology ePrint Archive

Paper 2026/1052

Full Key Recovery of Masked PRESENT on an Out-of-Order RISC-V Processor: A First Reported Case Study

Nimish Mishra, Indian Institute of Technology Kharagpur

Sarani Bhattacharya, Indian Institute of Technology Kharagpur

Debdeep Mukhopadhyay, Indian Institute of Technology Kharagpur

Abstract

Masking-based countermeasures such as Threshold Implementations and Probe-Isolating Non-Interference (PINI) are commonly assumed to protect cryptographic software against side-channel leakage by maintaining isolation between secret shares. In this work, we show that this assumption can break on modern out-of-order (OoO) processors due to backend microarchitectural effects that are not visible at the ISA level. We present \texttt{OoOLyzer}, a trace-driven analysis framework that reconstructs physical-register reuse and backend execution interactions from OoO RISC-V pipeline traces. Using \texttt{OoOLyzer}, we identify leakage arising from backend physical-register reuse and transient overlap of masked-share operations inside OoO execution structures. We evaluate the framework on a masked PRESENT implementation and composable PINI gadgets. Our analysis shows that although rotated-share computations protect selected nonlinear operations, affine share pairs remain directly represented in the architectural execution state. OoO register renaming can therefore induce physical-register transitions of the form \[ \operatorname{HW}_{\mathrm{bit}}(a_0[b]\oplus a_1[b]), \] which reconstruct affine PRESENT intermediates and create key-dependent leakage. We validate the leakage experimentally in two stages. First, using a modified gem5 OoO RISC-V model, we attribute the dominant leakage source to backend physical-register reuse and demonstrate first-round PRESENT subkey recovery from masked execution traces. Second, on a real SiFive P550-class OoO RISC-V processor, we perform a temperature-based side-channel experiment using Linux-accessible thermal telemetry and recover 60 out of 80 key bits from the masked PRESENT implementation. The results establish a complete cross-layer leakage path from masked software execution to OoO backend interactions, physical-register transitions, thermal behavior, and practical key recovery on real hardware. Our findings demonstrate that masking schemes appearing secure under software-level analysis may still leak on OoO processors, motivating hardware-aware verification of masked software deployments.

BibTeX 

@misc{cryptoeprint:2026/1052,
      author = {Siddhartha Chowdhury and Nimish Mishra and Sarani Bhattacharya and Debdeep Mukhopadhyay},
      title = {Full Key Recovery of Masked {PRESENT} on an Out-of-Order {RISC}-V Processor: A First Reported Case Study},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/1052},
      year = {2026},
      url = {https://eprint.iacr.org/2026/1052}
}

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。