Cache Timing Leakages in Zero-Knowledge Protocols

Shibam Mukherjee; Christian Rechberger; Markus Schofnegger

doi:10.4230/LIPIcs.AFT.2025.1

Cache Timing Leakages in Zero-Knowledge Protocols

Shibam Mukherjee
, Christian Rechberger
, Markus Schofnegger

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

The area of modern zero-knowledge proof systems has seen a significant rise in popularity over the last couple of years, with new techniques and optimized constructions emerging on a regular basis. As the field matures, the aspect of implementation attacks becomes more relevant, however side-channel attacks on zero-knowledge proof systems have seen surprisingly little treatment so far. In this paper, we give an overview of potential attack vectors and show that some of the underlying finite field libraries, and implementations of heavily used components like hash functions using them, are vulnerable w.r.t. cache attacks on CPUs. On the positive side, we demonstrate that the computational overhead to protect against these attacks is relatively small.

Original language	English
Title of host publication	7th Conference on Advances in Financial Technologies
Subtitle of host publication	AFT 2025
Editors	Zeta Avarikioti, Nicolas Christin
Publisher	Schloss Dagstuhl - Leibniz-Zentrum für Informatik
Number of pages	26
ISBN (Electronic)	9783959774000
DOIs	https://doi.org/10.4230/LIPIcs.AFT.2025.1
Publication status	Published - 6 Oct 2025
Event	7th Conference on Advances in Financial Technologies, AFT 2025 - Pittsburgh, United States Duration: 8 Oct 2025 → 10 Oct 2025

Publication series

Name	Leibniz International Proceedings in Informatics, LIPIcs
Volume	354
ISSN (Print)	1868-8969

Conference

Conference	7th Conference on Advances in Financial Technologies, AFT 2025
Country/Territory	United States
City	Pittsburgh
Period	8/10/25 → 10/10/25

Keywords

cache timing
leakage
protocol
side-channel
zero-knowledge

ASJC Scopus subject areas

Software

Fields of Expertise

Information, Communication & Computing

Access to Document

10.4230/LIPIcs.AFT.2025.1Licence: CC BY 4.0

Cite this

Mukherjee, S., Rechberger, C., & Schofnegger, M. (2025). Cache Timing Leakages in Zero-Knowledge Protocols. In Z. Avarikioti, & N. Christin (Eds.), 7th Conference on Advances in Financial Technologies: AFT 2025 Article 1 (Leibniz International Proceedings in Informatics, LIPIcs; Vol. 354). Schloss Dagstuhl - Leibniz-Zentrum für Informatik. https://doi.org/10.4230/LIPIcs.AFT.2025.1

Cache Timing Leakages in Zero-Knowledge Protocols. / Mukherjee, Shibam ; Rechberger, Christian; Schofnegger, Markus.
7th Conference on Advances in Financial Technologies: AFT 2025. ed. / Zeta Avarikioti; Nicolas Christin. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2025. 1 (Leibniz International Proceedings in Informatics, LIPIcs; Vol. 354).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Mukherjee, S , Rechberger, C & Schofnegger, M 2025, Cache Timing Leakages in Zero-Knowledge Protocols. in Z Avarikioti & N Christin (eds), 7th Conference on Advances in Financial Technologies: AFT 2025., 1, Leibniz International Proceedings in Informatics, LIPIcs, vol. 354, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 7th Conference on Advances in Financial Technologies, AFT 2025, Pittsburgh, United States, 8/10/25. https://doi.org/10.4230/LIPIcs.AFT.2025.1

@inproceedings{90b05707d1da45f68120b0b74b34d8ab,

title = "Cache Timing Leakages in Zero-Knowledge Protocols",

abstract = "The area of modern zero-knowledge proof systems has seen a significant rise in popularity over the last couple of years, with new techniques and optimized constructions emerging on a regular basis. As the field matures, the aspect of implementation attacks becomes more relevant, however side-channel attacks on zero-knowledge proof systems have seen surprisingly little treatment so far. In this paper, we give an overview of potential attack vectors and show that some of the underlying finite field libraries, and implementations of heavily used components like hash functions using them, are vulnerable w.r.t. cache attacks on CPUs. On the positive side, we demonstrate that the computational overhead to protect against these attacks is relatively small.",

keywords = "cache timing, leakage, protocol, side-channel, zero-knowledge",

author = "Shibam Mukherjee and Christian Rechberger and Markus Schofnegger",

note = "Publisher Copyright: {\textcopyright} Shibam Mukherjee, Christian Rechberger, and Markus Schofnegger;; 7th Conference on Advances in Financial Technologies, AFT 2025 ; Conference date: 08-10-2025 Through 10-10-2025",

year = "2025",

month = oct,

day = "6",

doi = "10.4230/LIPIcs.AFT.2025.1",

language = "English",

series = "Leibniz International Proceedings in Informatics, LIPIcs",

publisher = "Schloss Dagstuhl - Leibniz-Zentrum f{\"u}r Informatik",

editor = "Zeta Avarikioti and Nicolas Christin",

booktitle = "7th Conference on Advances in Financial Technologies",

address = "Germany",

}

TY - GEN

T1 - Cache Timing Leakages in Zero-Knowledge Protocols

AU - Mukherjee, Shibam

AU - Rechberger, Christian

AU - Schofnegger, Markus

N1 - Publisher Copyright: © Shibam Mukherjee, Christian Rechberger, and Markus Schofnegger;

PY - 2025/10/6

Y1 - 2025/10/6

N2 - The area of modern zero-knowledge proof systems has seen a significant rise in popularity over the last couple of years, with new techniques and optimized constructions emerging on a regular basis. As the field matures, the aspect of implementation attacks becomes more relevant, however side-channel attacks on zero-knowledge proof systems have seen surprisingly little treatment so far. In this paper, we give an overview of potential attack vectors and show that some of the underlying finite field libraries, and implementations of heavily used components like hash functions using them, are vulnerable w.r.t. cache attacks on CPUs. On the positive side, we demonstrate that the computational overhead to protect against these attacks is relatively small.

AB - The area of modern zero-knowledge proof systems has seen a significant rise in popularity over the last couple of years, with new techniques and optimized constructions emerging on a regular basis. As the field matures, the aspect of implementation attacks becomes more relevant, however side-channel attacks on zero-knowledge proof systems have seen surprisingly little treatment so far. In this paper, we give an overview of potential attack vectors and show that some of the underlying finite field libraries, and implementations of heavily used components like hash functions using them, are vulnerable w.r.t. cache attacks on CPUs. On the positive side, we demonstrate that the computational overhead to protect against these attacks is relatively small.

KW - cache timing

KW - leakage

KW - protocol

KW - side-channel

KW - zero-knowledge

UR - https://www.scopus.com/pages/publications/105019294400

U2 - 10.4230/LIPIcs.AFT.2025.1

DO - 10.4230/LIPIcs.AFT.2025.1

M3 - Conference paper

AN - SCOPUS:105019294400

T3 - Leibniz International Proceedings in Informatics, LIPIcs

BT - 7th Conference on Advances in Financial Technologies

A2 - Avarikioti, Zeta

A2 - Christin, Nicolas

PB - Schloss Dagstuhl - Leibniz-Zentrum für Informatik

T2 - 7th Conference on Advances in Financial Technologies, AFT 2025

Y2 - 8 October 2025 through 10 October 2025

ER -

Cache Timing Leakages in Zero-Knowledge Protocols

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Fields of Expertise

Access to Document

Other files and links

Fingerprint

Cite this