Cryptology ePrint Archive: Report 2019/100

Power Analysis on NTRU Prime

Wei-Lun Huang and Jiun-Peng Chen and Bo-Yin Yang

Abstract: This paper applies a variety of power analysis techniques to several implementations of NTRU Prime, a Round 2 submission to the NIST PQC Standardization Project. The techniques include vertical correlation power analysis, horizontal in-depth correlation power analysis, online template attacks, and chosen-input simple power analysis. The implementations include the reference one, the one optimized using smladx, and three protected ones. Adversaries in this study can fully recover private keys with one single trace of short observation span, with few template traces from a fully controlled device similar to the target and no a priori power model, or sometimes even with the naked eye. The techniques target the constant-time generic polynomial multiplications in the product scanning method. Though in this work they focus on the decapsulation, they also work on the key generation and encapsulation of NTRU Prime. Moreover, they apply to the ideal-lattice-based cryptosystems where each private-key coefficient comes from a small set of possibilities.

Category / Keywords: implementation / Ideal Lattice Cryptography, Single-Trace Attack, Correlation Power Analysis, Template Attack, Simple Power Analysis, NTRU Prime

Original Publication (in the same form): IACR-CHES-2020

Date: received 30 Jan 2019, last revised 15 Oct 2019

Contact author: 271828182euler at gmail com,jpchen@ieee org,byyang@iis sinica edu tw

Available format(s): PDF | BibTeX Citation

Version: 20191015:103445 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]