Paper 2018/821
Side-channel Assisted Existential Forgery Attack on Dilithium - A NIST PQC candidate
Prasanna Ravi, Mahabir Prasad Jhanwar, James Howe, Anupam Chattopadhyay, and Shivam Bhasin
Abstract
The recent lattice-based signature scheme Dilithium, submitted as part of the CRYSTALS (Cryptographic Suite for Algebraic Lattices) package, is one of a number of strong candidates submitted for the NIST standardisation process of post-quantum cryptography. The Dilithium signature scheme is based on the Fiat-Shamir paradigm and can be seen as a variant of the Bai-Galbraith (BG) scheme combined with several improvements from earlier lattice-based schemes such as the GLP and BLISS signature schemes. One of the main features of Dilithium is its compressed public key, which is a rounded version of the LWE instance. This implies that Dilithium is not breakable with knowledge of only the secret or only the error of the LWE instance, unlike its ancestor lattice-based signature schemes. In this paper, we investigate the security of Dilithium against a combination of side-channel and classical attacks. Side-channel attacks on the schoolbook and optimised polynomial multiplication algorithms in the signing procedure are shown to extract the secret component of the LWE instance, which is just one among the multiple components of Dilithium's secret key. We then propose an alternative signing procedure through which it is possible to forge signatures with only the extracted portion of the secret key, without requiring knowledge of all its elements. This shows that Dilithium, too, breaks on knowledge of just the secret portion of the LWE instance, similar to previous lattice-based schemes.
Metadata
- Publication info
  - Preprint.
- Keywords
  - Dilithium, Lattice based cryptography, Digital Signatures, post quantum cryptography, side channel attack
- Contact author(s)
  - PRASANNA RAVI @ ntu edu sg
- History
  - 2018-09-16: revised
  - 2018-09-06: received
- Short URL
  - https://ia.cr/2018/821
- License
  - CC BY
BibTeX
@misc{cryptoeprint:2018/821,
  author = {Prasanna Ravi and Mahabir Prasad Jhanwar and James Howe and Anupam Chattopadhyay and Shivam Bhasin},
  title = {Side-channel Assisted Existential Forgery Attack on Dilithium - A {NIST} {PQC} candidate},
  howpublished = {Cryptology {ePrint} Archive, Paper 2018/821},
  year = {2018},
  url = {https://eprint.iacr.org/2018/821}
}