Abstract
Key exchange protocols and key encapsulation mechanisms establish shared secret keys so that digital information can be communicated confidentially over public channels. Lattice-based variants of these protocols are promising alternatives because they resist quantum cryptanalysis and can be implemented efficiently. Although lattice cryptosystems can be mathematically secure, their implementations have exhibited side-channel vulnerabilities. Most such attacks, however, presume that the adversary can collect many measurements under a fixed key, leaving the more dangerous single-trace attacks largely unexplored.
This article demonstrates successful single-trace power side-channel attacks on lattice-based key exchange and encapsulation protocols. Our attack targets both hardware and software implementations of the matrix multiplications used in lattice cryptosystems. The crux of the idea is a horizontal attack: within a single execution, we form hypotheses on several intermediate values that all depend on the same secret, and we combine their correlations to estimate the secret key accurately. We show that the design of these protocols, combined with the nature of lattice arithmetic, is what enables the attack. Because a straightforward attack suffers from false positives, we introduce a novel extend-and-prune procedure that recovers the key by following the sequence of intermediate updates during the multiplication.
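To make the horizontal attack and the extend-and-prune search concrete, the following Python simulation is an added example written for this page; it is not the authors' code and does not reproduce their measurements or target devices. It assumes a schoolbook matrix-vector product b = A·s mod Q with A public and s secret (as in an LWE decapsulation, where the attacker knows the public operand), a Hamming-weight leakage of every accumulator update plus Gaussian noise, exactly one captured trace, and illustrative parameters (Q = 3329, N = 64, coefficients in [-2, 2], noise σ = 1.0, beam width 5). All function and variable names are my own. The naive per-coefficient attack included for contrast is also my construction, not the paper's baseline.

```python
"""Toy single-trace horizontal CPA on an LWE-style matrix-vector product.

Illustrative model, not the paper's setup: the device computes b = A*s mod Q
with A public and s secret, row by row, and every accumulator update leaks its
Hamming weight plus Gaussian noise. The attacker has ONE trace and knows A.
"""
import random

Q = 3329      # modulus (assumed; chosen only for illustration)
N = 64        # matrix dimension = number of rows each column hypothesis spans
ETA = 2       # secret coefficients drawn uniformly from [-ETA, ETA] (assumed)
SIGMA = 1.0   # std-dev of the additive Gaussian noise on each sample (assumed)
BEAM = 5      # candidate prefixes kept after each extend-and-prune round


def hw(x):
    """Hamming weight of a non-negative integer (the assumed leakage function)."""
    return bin(x).count("1")


def keygen(rng):
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(N)]
    s = [rng.randint(-ETA, ETA) for _ in range(N)]
    return A, s


def trace(A, s, rng):
    """One simulated power trace: samples[i*N + j] is the leakage of row i's
    accumulator right after the product A[i][j]*s[j] has been added to it."""
    samples = []
    for row in A:
        acc = 0
        for j in range(N):
            acc = (acc + row[j] * s[j]) % Q
            samples.append(hw(acc) + rng.gauss(0.0, SIGMA))
    return samples


def pearson(x, y):
    """Pearson correlation; a constant hypothesis (zero variance) scores 0."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0


def column(samples, j):
    """Horizontal slice: the N samples (one per row) where column j is consumed."""
    return [samples[i * N + j] for i in range(N)]


def naive_attack(A, samples):
    """Straightforward per-coefficient CPA (my construction, for contrast):
    hypothesise only on the product A[i][j]*g mod Q and ignore the accumulator
    carried over from column j-1. Only in column 0 does this equal the real
    intermediate; later columns correlate with noise and yield false positives."""
    guess = []
    for j in range(N):
        leak = column(samples, j)
        best = max(range(-ETA, ETA + 1),
                   key=lambda g: pearson([hw(A[i][j] * g % Q) for i in range(N)], leak))
        guess.append(best)
    return guess


def extend_and_prune(A, samples):
    """Beam search over the secret, one column at a time. Each surviving prefix
    carries the accumulator it implies for every row, so the hypothesis for
    column j is the actual intermediate value, not just the product. A prefix
    with a wrong coefficient stops correlating in later columns and is pruned."""
    beam = [(0.0, [], [0] * N)]          # (cumulative score, prefix, accumulators)
    for j in range(N):
        leak = column(samples, j)
        cands = []
        for score, prefix, accs in beam:
            for g in range(-ETA, ETA + 1):
                new_accs = [(accs[i] + A[i][j] * g) % Q for i in range(N)]
                r = pearson([hw(v) for v in new_accs], leak)
                cands.append((score + r, prefix + [g], new_accs))
        cands.sort(key=lambda c: c[0], reverse=True)
        beam = cands[:BEAM]
    return beam[0][1]


def demo(seed=2021):
    """Generate a key, capture one simulated trace, run both attacks on it."""
    rng = random.Random(seed)
    A, s = keygen(rng)
    samples = trace(A, s, rng)
    return s, extend_and_prune(A, samples), naive_attack(A, samples)


if __name__ == "__main__":
    s, eap, naive = demo()
    print("secret           :", s[:10], "...")
    print("extend-and-prune :", eap[:10], "...", "recovered" if eap == s else "FAILED")
    print("naive product CPA:", naive[:10], "...", "recovered" if naive == s else "FAILED")
```

Running the file prints the secret next to both recovered vectors. The naive attack models each product in isolation; it matches the real intermediate only in the first column, so its later guesses correlate with noise and are essentially random, a false-positive problem of the kind the abstract describes. The beam search instead keeps the implied accumulator for each surviving prefix, so a wrong coefficient degrades the correlation of every later column and that prefix is pruned. One edge case worth knowing: a zero coefficient in column 0 gives a constant hypothesis whose correlation is undefined (scored 0 here); the beam width equals the number of guesses precisely so that this candidate is not dropped before later columns can rank it.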
We analyzed two protocols,
Horizontal Side-Channel Vulnerabilities of Post-Quantum Key Exchange and Encapsulation Protocols