49 research outputs found

    Side-channel Analysis of Grøstl and Skein

    In this work, a detailed study of two finalists of the SHA-3 competition from the side-channel analysis point of view is provided. For both functions when used as a MAC, this paper presents the detected strategies for performing a power analysis. Besides the classical HMAC mode, two additionally proposed constructions, the envelope MAC for Grøstl and the Skein-MAC for Skein, are analyzed. Consequently, examples of software countermeasures thwarting first-order DPA or CPA are given. For the validation of our choices, HMAC-Grøstl, HMAC-Skein as well as the countermeasures were implemented on a 32-bit ARM-based smart card, and power analysis attacks were mounted in practice on both unprotected and protected implementations. Finally, the performance difference between both versions is discussed.

    Static Fault Attacks on Hardware DES Registers

    In the late nineties, Eli Biham and Adi Shamir published the first paper on Differential Fault Analysis on symmetric key algorithms. More specifically, they introduced a fault model where a key bit located in non-volatile memory is forced to 0/1 with a fault injection. In their scenario the fault was permanent, and could lead the attacker to full key recovery with low complexity. In this paper, another fault model is considered: forcing a key bit to 0/1 in the register of a hardware block implementing the Data Encryption Standard. Due to the specific location of the fault, the key modification is not permanent in the life of the embedded device, and this leads to a powerful safe-error-like attack. This paper reports a practical validation of the fault model on two actual circuits, and discusses limitations and efficient countermeasures against this threat.

    Masked Vector Sampling for HQC

    Anticipating the advent of large quantum computers, NIST started a worldwide competition in 2016 aiming to define the next cryptographic standards. HQC is one of these post-quantum schemes still in contention, with four others already in the process of being standardized. In 2022, Guo et al. introduced a timing attack that exploited an inconsistency in HQC's rejection sampling function to recover its secret key in 866,000 calls to an oracle. The authors of HQC updated its specification by applying an algorithm to sample vectors in constant time. A masked implementation of this function was then proposed for BIKE, but it is not directly applicable to HQC. In this paper we propose a masked, specification-compliant version of HQC's vector sampling function which relies, to our knowledge, on the first masked implementation of the Barrett reduction.

    Exploiting Intermediate Value Leakage in Dilithium: A Template-Based Approach

    This paper presents a new profiling side-channel attack on CRYSTALS-Dilithium, the new NIST primary standard for quantum-safe digital signatures. An open source implementation of CRYSTALS-Dilithium is already available, with the constant-time property as a consideration for side-channel resilience. However, this implementation does not protect against attacks that exploit intermediate data leakage. We show how to exploit a new leakage on a vector generated during the signing process, for which the costly protection by masking is still a matter of debate. With a corpus of 700000 messages, we design a template attack that enables us to efficiently predict whether a given coefficient in one coordinate of this vector is zero or not. By gathering signatures and being able to make the correct predictions for each index, and then using linear algebra methods, this paper demonstrates that one can recover part of the secret key that is sufficient to produce universal forgeries. While our paper deeply discusses the theoretical attack path, it also demonstrates the validity of the assumption regarding the required leakage model from practical experiments with the reference implementation on an ARM Cortex-M4. We need approximately a day to collect enough representatives and one more day to perform the trace acquisition on our target.

    The complex Y-chromosomal history of gorillas

    Studies of the evolutionary relationships among gorilla populations using autosomal and mitochondrial sequences suggest that male-mediated gene flow may have been important in the past, but data on the Y-chromosomal relationships among the gorilla subspecies are limited. Here, we genotyped blood and noninvasively collected fecal samples from 12 captives and 257 wild male gorillas of known origin representing all four subspecies (Gorilla gorilla gorilla, G. g. diehli, G. beringei beringei, and G. b. graueri) at 10 Y-linked microsatellite loci resulting in 102 unique Y-haplotypes for 224 individuals. We found that western lowland gorilla (G. g. gorilla) haplotypes were consistently more diverse than any other subspecies for all measures of diversity and comprised several genetically distinct groups. However, these did not correspond to geographical proximity and some closely related haplotypes were found several hundred kilometers apart. Similarly, our broad sampling of eastern gorillas revealed that mountain (G. b. beringei) and Grauer's (G. b. graueri) gorilla Y-chromosomal haplotypes did not form distinct clusters. These observations suggest structure in the ancestral population with subsequent mixing of differentiated haplotypes by male dispersal for western lowland gorillas, and postisolation migration or incomplete lineage sorting due to short divergence times for eastern gorillas.

    Analytical Framework for Identifying and Differentiating Recent Hitchhiking and Severe Bottleneck Effects from Multi-Locus DNA Sequence Data

    Hitchhiking and severe bottleneck effects have an impact on the dynamics of genetic diversity of a population by inducing homogenization at a single locus and at the genome-wide scale, respectively. As a result, identification and differentiation of the signatures of such events from DNA sequence data at a single locus is challenging. This paper develops an analytical framework for identifying and differentiating recent homogenization events at multiple neutral loci in low recombination regions. The dynamics of genetic diversity at a locus after a recent homogenization event is modeled according to the infinite-sites mutation model and the Wright-Fisher model of reproduction with constant population size. In this setting, I derive analytical expressions for the distribution, mean, and variance of the number of polymorphic sites in a random sample of DNA sequences from a locus affected by a recent homogenization event. Based on this framework, three likelihood-ratio based tests are presented for identifying and differentiating recent homogenization events at multiple loci. Lastly, I apply the framework to two data sets. First, I consider human DNA sequences from four non-coding loci on different chromosomes for inferring the evolutionary history of modern human populations. The results suggest, in particular, that recent homogenization events at the loci are identifiable when the effective human population size is 50000 or greater in contrast to 10000, and the estimates of the recent homogenization events agree with the “Out of Africa” hypothesis. Second, I use HIV DNA sequences from HIV-1-infected patients to infer the times of HIV seroconversions. The estimates are contrasted with other estimates derived as the mid-time point between the last HIV-negative and first HIV-positive screening tests. The results show that significant discrepancies can exist between the estimates.

    Contacts in the last 90,000 years over the Strait of Gibraltar evidenced by genetic analysis of wild boar (Sus scrofa)

    Contacts across the Strait of Gibraltar in the Pleistocene have been studied in different research papers, which have demonstrated that this apparent barrier has been permeable to human and fauna movements in both directions. Our study, based on the genetic analysis of wild boar (Sus scrofa), suggests that there has been contact between Africa and Europe through the Strait of Gibraltar in the Late Pleistocene (at least in the last 90,000 years), as shown by the partial analysis of mitochondrial DNA. Cytochrome b and the control region from North African wild boar indicate a close relationship with European wild boar, and even some specimens belong to a common haplotype in Europe. The analyses suggest the transformation of the wild boar phylogeography in North Africa by the emergence of a natural communication route in times when sea levels fell due to climatic changes, and possibly through human action, since contacts coincide with both the Last Glacial period and the increasing human dispersion via the strait.

    This study was supported by The Emirates Centre for Wildlife Propagation (Morocco). The funder had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.

    Soria-Boix, C.; Donat-Torres, MP.; Urios, V. (2017). Contacts in the last 90,000 years over the Strait of Gibraltar evidenced by genetic analysis of wild boar (Sus scrofa). PLoS ONE. 12(7). doi:10.1371/journal.pone.0181929

    Linguistic and maternal genetic diversity are not correlated in Native Mexicans

    Mesoamerica, defined as the broad linguistic and cultural area from middle southern Mexico to Costa Rica, might have played a pivotal role during the colonization of the American continent. The Mesoamerican isthmus has constituted an important geographic barrier that has severely restricted gene flow between North and South America in pre-historical times. Although the Native American component has already been described in admixed Mexican populations, few studies have been carried out in native Mexican populations. In this study, we present mitochondrial DNA (mtDNA) sequence data for the first hypervariable region (HVR-I) in 477 unrelated individuals belonging to 11 different native populations from Mexico. Almost all of the Native Mexican mtDNAs could be classified into the four pan-Amerindian haplogroups (A2, B2, C1, and D1); only two of them could be allocated to the rare Native American lineage D4h3. Their haplogroup phylogenies are clearly star-like, as expected from relatively young populations that have experienced diverse episodes of genetic drift (e.g., extensive isolation, genetic drift, and founder effects) and posterior population expansions. In agreement with this observation, Native Mexican populations show a high degree of heterogeneity in their patterns of haplogroup frequencies. Haplogroup X2a was absent in our samples, supporting previous observations where this clade was only detected in the American northernmost areas. The search for identical sequences in the American continent shows that, although Native Mexican populations seem to show a closer relationship to North American populations, they cannot be related to a single geographical region within the continent. Finally, we did not find significant population structure in the maternal lineages when considering the four main and distinct linguistic groups represented in our Mexican samples (Oto-Manguean, Uto-Aztecan, Tarascan, and Mayan), suggesting that genetic divergence predates linguistic diversification in Mexico.

    Population dynamics and genetic connectivity in recent chimpanzee history

    Knowledge on the population history of endangered species is critical for conservation, but whole-genome data on chimpanzees (Pan troglodytes) is geographically sparse. Here, we produced the first non-invasive geolocalized catalog of genomic diversity by capturing chromosome 21 from 828 non-invasive samples collected at 48 sampling sites across Africa. The four recognized subspecies show clear genetic differentiation correlating with known barriers, while previously undescribed genetic exchange suggests that these have been permeable on a local scale. We obtained a detailed reconstruction of population stratification and fine-scale patterns of isolation, migration, and connectivity, including a comprehensive picture of admixture with bonobos (Pan paniscus). Unlike humans, chimpanzees did not experience extended episodes of long-distance migrations, which might have limited cultural transmission. Finally, based on local rare variation, we implement a fine-grained geolocalization approach demonstrating improved precision in determining the origin of confiscated chimpanzees.

    Funding: The European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation program (grant agreement no. 864203) (to T.M.-B.). BFU2017-86471-P (MINECO/FEDER, UE) (to T.M.-B.). “Unidad de Excelencia María de Maeztu”, funded by the AEI (CEX2018-000792-M) (to T.M.-B.). Howard Hughes International Early Career (to T.M.-B.). NIH 1R01HG010898-01A1 (to T.M.-B.). Secretaria d’Universitats i Recerca and CERCA Program del Departament d’Economia i Coneixement de la Generalitat de Catalunya (GRC 2017 SGR 880) (to T.M.-B.). UCL’s Wellcome Trust ISSF3 award 204841/Z/16/Z (to A.M.A. and J.M.S.). Generalitat de Catalunya (2017 SGR-1040) (to M. Llorente). Wellcome Trust Investigator Award 202802/Z/16/Z (to D.A.H.). The Pan African Program: The Cultured Chimpanzee (PanAf) is generously funded by the Max Planck Society, the Max Planck Society Innovation Fund, and the Heinz L. Krekeler Foundation.