Decryption failures as side channel attacks

Securing information involves multiple layers: mathematical encryption, protocol design, software implementation and hardware implementation. Multiple disciplines are involved, mathematicians, software developers, telecommunication technicians and cybersecurity engineers. Mathematical cryptanalysis analyses encrypted information, whereas side channel cryptanalysis analyses information leaked via software/hardware implementation. In this presentation we give an overview of reaction attacks due to protocol-based leaked information. We particularly look at McEliece Cryptosystems, also called Code Based Cryptography, using LDPC codes. The LDPC McEliece crypto system is vulnerable to reaction attacks. We discuss reaction attacks that use decryption failure events to gather information about the decryption key. We propose to consider such decryption failures as a side channel from which information can be gathered. We conclude that any code-based cryptographic protocol requires careful cybersecurity engineering management of decryption failure events.