Power Analysis on NTRU Prime

Wei-Lun Huang, Jiun-Peng Chen, and Bo-Yin Yang

Abstract

This paper applies a variety of power analysis techniques to several implementations of NTRU Prime, a Round 2 submission to the NIST PQC Standardization Project. The techniques include vertical correlation power analysis, horizontal in-depth correlation power analysis, online template attacks, and chosen-input simple power analysis. The implementations include the reference one, the one optimized using smladx, and three protected ones. Adversaries in this study can fully recover private keys with one single trace of short observation span, with few template traces from a fully controlled device similar to the target and no a priori power model, or sometimes even with the naked eye. The techniques target the constant-time generic polynomial multiplications in the product scanning method. Though in this work they focus on the decapsulation, they also work on the key generation and encapsulation of NTRU Prime. Moreover, they apply to the ideal-lattice-based cryptosystems where each private-key coefficient comes from a small set of possibilities.

Available format(s)
Category
Implementation
Publication info
Keywords
Ideal Lattice CryptographySingle-Trace AttackCorrelation Power AnalysisTemplate AttackSimple Power AnalysisNTRU Prime
Contact author(s)
271828182euler @ gmail com
jpchen @ ieee org
byyang @ iis sinica edu tw
History
2019-10-15: revised
See all versions
Short URL
https://ia.cr/2019/100

CC BY

BibTeX

@misc{cryptoeprint:2019/100,
author = {Wei-Lun Huang and Jiun-Peng Chen and Bo-Yin Yang},
title = {Power Analysis on NTRU Prime},
howpublished = {Cryptology ePrint Archive, Paper 2019/100},
year = {2019},
note = {\url{https://eprint.iacr.org/2019/100}},
url = {https://eprint.iacr.org/2019/100}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.