Cryptology ePrint Archive: Report 2020/992

Single-Trace Attacks on the Message Encoding of Lattice-Based KEMs

Bo-Yeon Sim and Jihoon Kwon and Joohee Lee and Il-Ju Kim and Taeho Lee and Jaeseung Han and Hyojin Yoon and Jihoon Cho and Dong-Guk Han

Abstract: We propose single-trace side-channel attacks against lattice-based KEMs, which are current candidates in NIST's post-quantum standardization project. More specifically, we analyze the message encoding step in the encapsulation of lattice-based KEMs to recover the ephemeral session keys, concluding that the leakage of a single trace allows full key recovery: our implementation on a ChipWhisperer UFO STM32F3 target board shows 100% success rates for Crystals-Kyber and Saber regardless of optimization level, and a success rate of more than 79% for FrodoKEM. We further show that our attack methodologies are not restricted to the above algorithms but are widely applicable to other NIST PQC candidates, including LAC, NewHope, NTRU Prime, and NTRU.

Category / Keywords: public-key cryptography / Side-channel attack, Lattice-based cryptography, Key encapsulation mechanism, Message encoding, Single-trace attack

Original Publication (in the same form): IEEE ACCESS

Date: received 17 Aug 2020, last revised 18 Dec 2020

Contact author: qjdusls at kookmin ac kr, christa at kookmin ac kr

Note: We submitted the paper to Asiacrypt 2020 and received the final notification on 16 Aug 2020 (unfortunately, it was not accepted). We submitted the revised paper to IEEE ACCESS again and finished posting it.

Version: 20201218:070747