What is reaction attack?

us flag

In the paper of "Reaction Attacks against Several Public-Key Cryptosystems" CiteSeerX link, reaction attack is defined informally as "Obtaining information about the private key or plaintext by watching the reaction of someone decrypting a given ciphertext with the private key."

Is reaction attack explicitly defined in literature? What is the difference between fault attack and reaction attack -as defined here- ?

DannyNiu avatar
vu flag
Reading their abstract, I'm certain it's an umbrella term for side-channel attack (and you've tagged as such).
kelalaka avatar
in flag
Paper is [here]( it is well-written about it on the second page. Yes, it is a side-channel but not a fault attack that targets the hardware, this is a soft attack that you get only information from the reaction like the CBC-padding oracles or the tag mismatch in GCM...
NB_1907 avatar
us flag
Are decryption failure attacks in these class?
in flag

"Reaction attack" seems to be just a custom name used in a few papers, meaning the reaction of the decryption oracle on maliciously crafted/modified ciphertexts. These are just CCA attacks, not side-channel attacks a priori, but in some cases side channel information such as timing can be used.

These attacks are based exploiting the decryption oracle. Note that many CPA-secure schemes are not CCA-secure (e.g. CBC encryption of a block cipher is vulnerable to the padding oracle attack), however there are ways to convert them in CCA-secure schemes (e.g. adding a MAC for symmetric encryption, or the Fujisaki-Okamoto (FO) transformation for asymmetric schemes).

fgrieu avatar
ng flag
An example of "reaction" would be an error code that differs according to what went wrong in a decryption operation. I would rather take a position about the most natural endianness than about if that varying error code qualifies as a side-channel.

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.