Authors: Dillibabu Shanmugam; Jothi Rangasamy
Addresses: Society for Electronic Transactions and Security (SETS), CIT Campus, Chennai, 600113, India ' National Institute of Technology Karnataka (NITK), Mangalore, 575025, India
Abstract: Universal hashing-based message authentication code (MAC) is used as the de facto method to achieve information-theoretically secure authentication in quantum key distribution. We present a critical look at the most widely used type, namely Wegman-Carter MAC based on polynomial hashing and analyse its robustness against physical attacks exploiting side information. In particular, we mount a classical DPA attack on the hash part of the Wegman-Carter MAC which leads to a possible intercept-and-resend attack on the BB84-like QKD protocols. We illustrate this case with polynomial-evaluation MACs as their variants are used in commercial QKD systems. We show that our attack methodology is much simpler compared to that of Belaid et al. at ASIACRYPT 2014. Finally, we present an algebraic countermeasure so that the resulting MAC is not susceptible to the identified attack.
Keywords: universal hashing; polynomial-evaluation MACs; information leakage; quantum key distribution.
International Journal of Information and Computer Security, 2022 Vol.18 No.3/4, pp.365 - 382
Received: 04 Feb 2021
Accepted: 26 May 2021
Published online: 05 Sep 2022 *