Dec 15, 2019

A Statistical Explanation of the Timing Attack on QC-MDPC Code Crypto-system

arXiv:1912.07005v1

This work addresses the security of a post-quantum cryptosystem and offers insight for cryptographers, but it is incremental: it explains existing attacks rather than introducing new attacks or defenses.

The paper tackles the problem of understanding the mechanics behind the timing and reaction attacks on QC-MDPC code cryptosystems by proposing a mathematical model that connects the distance spectrum of the private key to the decoder's performance, giving a statistical explanation of why both attacks work.

The McEliece cryptosystem based on quasi-cyclic moderate-density parity-check (QC-MDPC) codes was first proposed in 2013 [QCMDPC] and is considered a promising contender for the post-quantum era, so understanding its security is essential. To date, the most effective attacks are the reaction attack [Reaction] and the timing attack [Timing]. Both recover the private key from the decoder's behaviour: the reaction attack from the decoding failure rate, and the timing attack from the number of iterations the decoder runs. However, the mechanics behind these attacks have remained elusive. In this paper, a mathematical model is proposed that explains both attacks by connecting the distance spectrum of the private key to the first-layer performance of the decoder.
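The quantity both attacks exploit can be seen in a toy model of the first bit-flipping iteration. The following is an added example, not code from the paper: it builds a small QC-MDPC parity-check matrix H = [H0 | H1] from constructed private-key blocks (r = 23, column weight w = 5, chosen only for readability; real parameters are far larger), computes the distance spectrum of h0, and shows that for two errors at cyclic distance d in block 0 the syndrome weight is exactly 2w - 2mu(d) and each error position's counter is exactly w - mu(d), where mu(d) is the multiplicity of d in the spectrum. The fixed-threshold flip rule is a simplification of real decoders, and the example does not reproduce the paper's statistical model or settle in which direction the failure rate moves for a full-weight error; it only exposes the deterministic link between the key's spectrum and what the decoder sees in its first iteration.

```python
"""Toy QC-MDPC decoder, first iteration only: how the private key's distance
spectrum shows up in the syndrome weight and the bit-flipping counters.
Added example; the key below is constructed for illustration, not a real key."""
from itertools import combinations

# Constructed toy key: r = 23 (odd, as in practice), column weight w = 5 per block.
R = 23
H0 = {0, 1, 3, 8, 12}   # support of column 0 of H0 (private key block h0)
H1 = {0, 2, 6, 9, 17}   # support of column 0 of H1 (private key block h1)


def distance_spectrum(support, r):
    """Multiplicity mu(d) of each cyclic distance d in 1..r//2 between support positions."""
    spec = {}
    for i, j in combinations(sorted(support), 2):
        d = (j - i) % r
        d = min(d, r - d)
        spec[d] = spec.get(d, 0) + 1
    return spec


def column_support(block, j, r):
    """Support of column j of the r x r circulant whose column 0 has support `block`."""
    return {(i + j) % r for i in block}


def syndrome(h0, h1, e0, e1, r):
    """Set of unsatisfied checks, i.e. H e^T over GF(2) for H = [H0 | H1], e = (e0 | e1)."""
    s = set()
    for j in e0:
        s ^= column_support(h0, j, r)   # symmetric difference == XOR of the columns
    for j in e1:
        s ^= column_support(h1, j, r)
    return s


def counters(h0, h1, s, r):
    """Bit-flipping counter of every one of the 2r positions: unsatisfied checks it touches."""
    return ([len(column_support(h0, j, r) & s) for j in range(r)]
            + [len(column_support(h1, j, r) & s) for j in range(r)])


def first_iteration(h0, h1, e0, e1, r, threshold):
    """One bit-flipping iteration with a fixed threshold (a simplification of real decoders).
    Returns (syndrome weight, flipped positions, error positions left after the flips)."""
    s = syndrome(h0, h1, e0, e1, r)
    c = counters(h0, h1, s, r)
    flipped = {j for j in range(2 * r) if c[j] >= threshold}
    error = set(e0) | {r + j for j in e1}
    return len(s), flipped, error ^ flipped


def two_error_profile(h0, h1, d, r, p=0):
    """Syndrome weight and the two error counters for errors at positions p and p+d of block 0."""
    e0 = {p, (p + d) % r}
    s = syndrome(h0, h1, e0, set(), r)
    c = counters(h0, h1, s, r)
    return len(s), c[p], c[(p + d) % r]


def spectrum_identity_holds(h0, h1, r):
    """Check for every d that wt(s) = 2w - 2mu(d) and both error counters equal w - mu(d):
    columns p and p+d of a circulant share exactly mu(d) checks, and those cancel (r odd)."""
    w = len(h0)
    mu = distance_spectrum(h0, r)
    for d in range(1, r // 2 + 1):
        expected = (2 * w - 2 * mu.get(d, 0), w - mu.get(d, 0), w - mu.get(d, 0))
        if two_error_profile(h0, h1, d, r) != expected:
            return False
    return True


if __name__ == "__main__":
    print("distance spectrum of h0:", distance_spectrum(H0, R))
    for d in (6, 3, 11):   # mu(6) = 0, mu(3) = 1, mu(11) = 2 for this toy key
        print(f"d={d:2d}: (wt(s), counter_p, counter_p+d) =", two_error_profile(H0, H1, d, R))
    for d in (6, 11):
        wt, flipped, left = first_iteration(H0, H1, {0, d}, set(), R, threshold=len(H0))
        print(f"d={d:2d}: threshold {len(H0)} flips {sorted(flipped)}, errors left {sorted(left)}")
```

With this key, d = 6 is absent from the spectrum and d = 11 occurs twice, so the same two-error pattern gives syndrome weight 10 in the first case and 6 in the second, and the error counters drop from 5 to 3. Under the fixed threshold w the two errors at distance 6 are flipped in the first iteration while the pair at distance 11 survives it; at the same time the lower syndrome weight means fewer correct positions see high counters. Which of these two effects dominates once a full-weight error is spread over both blocks is exactly the statistical question the paper's model addresses, and it is what an attacker observes through the failure rate or the iteration count.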
