Researchers crack a post-quantum encryption algorithm in 1 hour on a single-core PC

The news broke that researchers from the Belgian university KU Leuven (Katholieke Universiteit Leuven) cracked one of the four encryption algorithms recommended by the US National Institute of Standards and Technology (NIST) using a computer with a single core of an Intel Xeon processor, released in 2013.

The algorithm, called SIKE (Supersingular Isogeny Key Encapsulation), had outlasted most of the competition in NIST's contest to develop quantum-resistant encryption algorithms. However, the researchers cracked it relatively easily.

Last month, NIST announced the winners of a years-long competition to develop new encryption standards, designed to protect against a threat that is hypothetical (for now) because it has yet to be invented: quantum computers.

It is predicted that this hardware will one day be so powerful that it can easily crack current public-key encryption, including standards such as RSA and Diffie-Hellman. To guard against this future threat, the US government has invested in creating new encryption standards that can withstand the hardware attacks of days to come.

NIST has selected four encryption algorithms that it believes provide adequate protections and that it plans to standardize. The competition was years in the making and involved dozens of competitors from around the world.

Following the selection of the four finalists, NIST also announced that four other nominees were considered as potential candidates for standardization. SIKE (Supersingular Isogeny Key Encapsulation) was one of the secondary finalists in the NIST competition, but a recently discovered cyberattack managed to crack SIKE relatively easily.

Yet the computer that ran the attack was far from a quantum computer: it was a single-core PC (meaning less powerful than a classic PC), and the little machine needed only an hour to accomplish the task.

The exploit was discovered by researchers from the Computer Security and Industrial Cryptography (CSIS) group at KU Leuven University. SIKE includes a public-key encryption algorithm and a key encapsulation mechanism, each instantiated with four parameter sets: SIKEp434, SIKEp503, SIKEp610, and SIKEp751.

“Running on a single core, the attached Magma code clears SIKE's $IKEp182 and $IKEp217 hurdles in approximately 4 and 6 minutes, respectively. A run on the SIKEp434 parameters, previously thought to be NIST Quantum Security Level 1 compliant, took approximately 62 minutes, still on a single core,” the researchers wrote. 

The developers of SIKE have offered a $50,000 reward for anyone who can crack it.

“The newly discovered weakness is clearly a blow to SIKE. The attack is really unexpected,” said David Jao, one of the algorithm's creators.

CSIS researchers have made their code public, along with details of the processor it ran on: an Intel Xeon E5-2630 v2 CPU at 2.60 GHz. This chip was released in Q3 2013; it uses Intel's Ivy Bridge architecture and a 22 nm manufacturing process. The chip offered six cores, but five of them were in no way troubled by this challenge.

In the paper published over the weekend, CSIS researchers explained that they approached the problem from a purely mathematical point of view, attacking the heart of the algorithm's design rather than possible vulnerabilities in the code. They managed to crack SIKE by attacking its underlying encryption algorithm, Supersingular Isogeny Diffie-Hellman (SIDH). SIDH is vulnerable to the "glue-and-split" theorem, developed in 1997 by mathematician Ernst Kani, together with additional mathematical tools devised in 2000. The attack also uses curves of genus 2 to attack elliptic curves.

“The attack exploits the fact that SIDH has auxiliary points and that the degree of covert isogeny is known. Auxiliary points in SIDH have always been a nuisance and potential weakness, and have been exploited for foul attacks, the adaptive GPST attack, twist point attacks, etc.,” explained Steven Galbraith, professor of mathematics at the University of Auckland.

For the rest of us, this all means that researchers used math to figure out SIKE's encryption scheme and were able to predict, and then recover, its encryption keys.

For their efforts and their article titled "An Efficient Key Recovery Attack on SIDH (Preview)", researchers will receive the $50,000 reward offered by Microsoft and its peers.

Finally, if you are interested in knowing more about it, you can check the details in the following link.

