Disorientation Faults in CSIDH

Published in In *IACR eprint*, 2022

We investigate a new class of fault-injection attacks against the CSIDH family of cryptographic group actions, dubbed disorientation attacks. These attacks flip the direction of specific isogeny steps by targeting subroutines like Legendre symbol or Elligator computations.

Highlights:

  • Break both CSIDH and CTIDH with modest computational effort
  • Exploit widespread components in real implementations
  • Provide post-processing techniques to infer constraints on the secret
  • Propose lightweight countermeasures and assess their effectiveness

This work contributes to understanding and defending against physical attacks on isogeny-based cryptography.

Recommended citation: Gustavo Banegas, Juliane Krämer, Tanja Lange, Michael Meyer, Lorenz Panny, Krijn Reijnders, Jana Sotáková, Monika Trimoska. (2022). "Disorientation Faults in CSIDH." In IACR eprint.
Download Paper | Download Slides | Download Bibtex