Timing Leakage Analysis of Non-constant-time NTT Implementations with Harvey Butterflies

Nir Drucker, Tomer Pelleg

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; peer-review

Abstract

Harvey butterflies and their variants are core primitives in many optimized number-theoretic transform (NTT) implementations, such as those used by the HElib and SEAL homomorphic encryption libraries. However, these butterflies are not constant-time algorithms and may leak secret data when incorrectly implemented. Luckily for SEAL and HElib, the compilers optimize the code to run in constant time. We claim that relying on the compiler is risky and demonstrate how a simple code modification, naïve compiler misuse, or even a malicious attacker that injects just a single compiler flag can cause leakage. This leakage can reduce the hardness of the ring learning with errors (R-LWE) instances used by these libraries, for example, from 2^128 to 2^104.
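The following is an added illustration of the abstract's point and is not code from the paper, SEAL or HElib: a Harvey-style lazy butterfly whose conditional subtraction is written as a branch on a coefficient value, next to the same butterfly with that reduction expressed as a mask, plus a check that both produce identical lazily reduced outputs. It assumes a 32-bit word (β = 2^32) rather than the libraries' 64-bit variants, q < 2^30 and W < q; the function names are ours.

```c
#include <stdint.h>
/* Shoup precomputation W' = floor(W * 2^32 / q): lets the butterfly replace
   a modular division by a multiply-high. */
static uint32_t shoup_precompute(uint32_t W, uint32_t q) {
    return (uint32_t)(((uint64_t)W << 32) / q);
}
/* Lazy Cooley-Tukey butterfly, 32-bit variant. Inputs X, Y in [0, 4q), q < 2^30.
   Outputs X' = X + W*Y and Y' = X - W*Y as unreduced representatives in [0, 4q). */
static void harvey_butterfly_branch(uint32_t *X, uint32_t *Y,
                                    uint32_t W, uint32_t Wp, uint32_t q) {
    uint32_t x = *X, y = *Y;
    /* The step the abstract is about: a branch on a (secret) coefficient.
       Whether it becomes a conditional move or a real jump is the compiler's
       decision, so the constant-time property depends on the build. */
    if (x >= 2 * q) x -= 2 * q;
    uint32_t Q = (uint32_t)(((uint64_t)Wp * y) >> 32);  /* multiply-high */
    uint32_t T = W * y - Q * q;                          /* in [0, 2q) */
    *X = x + T;
    *Y = x - T + 2 * q;
}
/* Same butterfly with the conditional subtraction written as a mask, so the
   result no longer depends on how the optimizer treats a branch. */
static void harvey_butterfly_masked(uint32_t *X, uint32_t *Y,
                                    uint32_t W, uint32_t Wp, uint32_t q) {
    uint32_t x = *X, y = *Y;
    uint32_t d = x - 2 * q;          /* wraps (top bit set) iff x < 2q */
    uint32_t keep = 0u - (d >> 31);  /* all-ones iff x < 2q */
    x = d + (keep & (2 * q));        /* x when x < 2q, else x - 2q */
    uint32_t Q = (uint32_t)(((uint64_t)Wp * y) >> 32);
    uint32_t T = W * y - Q * q;
    *X = x + T;
    *Y = x - T + 2 * q;
}
/* Check: both variants agree with each other, stay below 4q, and match the
   fully reduced definition X' = X + W*Y mod q, Y' = X - W*Y mod q. */
static int harvey_variants_agree(uint32_t X, uint32_t Y, uint32_t W, uint32_t q) {
    uint32_t Wp = shoup_precompute(W, q);
    uint32_t x1 = X, y1 = Y, x2 = X, y2 = Y;
    harvey_butterfly_branch(&x1, &y1, W, Wp, q);
    harvey_butterfly_masked(&x2, &y2, W, Wp, q);
    uint64_t wy = (uint64_t)W * Y % q;
    uint32_t ref_x = (uint32_t)((X + wy) % q);
    uint32_t ref_y = (uint32_t)((X + q - wy) % q);  /* X - W*Y mod q, non-negative */
    return x1 == x2 && y1 == y2 && x1 < 4 * q && y1 < 4 * q
        && x1 % q == ref_x && y1 % q == ref_y;
}
```

Both variants are arithmetically identical; only the emitted assembly reveals whether the `if` became a conditional move or a jump, so that is the artifact to re-check after any change to the source or the build flags.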

Original language: English
Title of host publication: Cyber Security, Cryptology, and Machine Learning - 6th International Symposium, CSCML 2022, Proceedings
Editors: Shlomi Dolev, Amnon Meisels, Jonathan Katz
Publisher: Springer Science and Business Media Deutschland GmbH
Pages: 99-117
Number of pages: 19
ISBN (Print): 9783031076886
DOIs
State: Published - 2022
Externally published: Yes
Event: 6th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2022 - Beer Sheva, Israel
Duration: 30 Jun 2022 to 1 Jul 2022

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 13301 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 6th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2022
Country/Territory: Israel
City: Beer Sheva
Period: 30/06/22 to 01/07/22

Bibliographical note

Publisher Copyright:
© 2022, Springer Nature Switzerland AG.

Keywords

  • Compiler optimizations
  • Constant-time code
  • Harvey’s butterflies
  • NTT
  • Ring-LWE
  • Side-channel attacks

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
