Decimated in Linear Time; Single Power Trace, Full Key Recovery Attack on Toeplitz Hash Privacy Amplification

Authors: Niall Canavan, Tuan Hoang, Ayesha Khalid and Maire O’Neill

We demonstrate a template power side-channel attack that recovers the full secret key from an implementation of Decimation-in-Time Fast Fourier Transform (DIT-FFT) optimisations of Toeplitz-hashing-based privacy amplification, as commonly used in quantum key distribution. When the target platform is an ARM Cortex-M4, the attack's running time is linear in the input key length and it succeeds with a single power trace. We demonstrate that key leakage is also present in an Artix-7 FPGA power trace, but the higher noise makes a single-trace attack difficult.
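As an added illustration of the primitive the abstract targets (this is not code from the paper or its authors), the following computes one Toeplitz-hash privacy amplification step over GF(2) twice: directly as a matrix-vector product, and as a slice of the convolution of the Toeplitz seed with the raw key. The convolution form is exactly what makes a DIT-FFT optimisation applicable; here the FFT is replaced by a carry-less polynomial product so the example runs without dependencies. The Toeplitz indexing convention and all sample values are assumptions.

```python
from typing import List
import random

def toeplitz_hash_direct(seed: List[int], x: List[int], m: int) -> List[int]:
    """m-bit T*x over GF(2); row i, column j of T is seed[i - j + n - 1] (assumed convention)."""
    n = len(x)
    assert len(seed) == n + m - 1, "seed must have n + m - 1 bits"
    out = []
    for i in range(m):
        acc = 0
        for j in range(n):
            acc ^= seed[i - j + n - 1] & x[j]   # AND = multiply, XOR = add in GF(2)
        out.append(acc)
    return out

def bits_to_int(bits: List[int]) -> int:
    """Little-endian bit list -> integer (bit k is the coefficient of z^k)."""
    v = 0
    for k, b in enumerate(bits):
        v |= (b & 1) << k
    return v

def clmul(a: int, b: int) -> int:
    """Carry-less product: multiplication in GF(2)[z] with integers as bit vectors."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r

def toeplitz_hash_conv(seed: List[int], x: List[int], m: int) -> List[int]:
    """Same hash via convolution: T*x is coefficients n-1 .. n+m-2 of seed(z)*x(z).
    An FFT-based implementation evaluates this product transform-wise instead."""
    n = len(x)
    assert len(seed) == n + m - 1, "seed must have n + m - 1 bits"
    prod = clmul(bits_to_int(seed), bits_to_int(x))
    return [(prod >> (n - 1 + k)) & 1 for k in range(m)]

def agree_on_random_inputs(n: int = 64, m: int = 40, trials: int = 20) -> bool:
    """Cross-check both formulations on constructed random seeds and raw keys."""
    rng = random.Random(2024)  # fixed seed so the check is reproducible
    for _ in range(trials):
        seed = [rng.randint(0, 1) for _ in range(n + m - 1)]
        x = [rng.randint(0, 1) for _ in range(n)]
        if toeplitz_hash_direct(seed, x, m) != toeplitz_hash_conv(seed, x, m):
            return False
    return True
```

For the constructed 3-bit key [1, 1, 0] with seed [1, 0, 1, 1] and m = 2, both formulations return [1, 0].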