Paper 2022/1499
WrapQ: Side-Channel Secure Key Management for Post-Quantum Cryptography
Abstract
In any real-life setting, side-channel secure implementations of public-key cryptography must be able to load and store their secret keys in a side-channel secure way. We describe WrapQ, a masking-friendly key management technique and compact encoding format for Kyber and Dilithium Critical Security Parameters (CSPs). WrapQ protects secret key integrity and confidentiality with a Key-Encrypting Key (KEK) and allows the keys to be stored on an untrusted medium. Importantly, its encryption and decryption processes avoid temporarily collapsing the masked asymmetric secret keys (which are plaintext payloads from the viewpoint of the wrapping primitive) into an unmasked format. We demonstrate that a masked Kyber or Dilithium private key can be loaded in a leakage-free fashion from a compact WrapQ format without updating the encoding in non-volatile memory. WrapQ has been implemented in a side-channel secure hardware module. Kyber and Dilithium wrapping and unwrapping functions were validated with 100K traces of TVLA-type leakage assessment.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Preprint.
- Keywords
- Side-Channel SecurityMasking CountermeasuresKey WrappingPost-Quantum CryptographyKyberDilithium
- Contact author(s)
- mjos @ pqshield com
- History
- 2023-01-22: last of 4 revisions
- 2022-10-31: received
- See all versions
- Short URL
- https://ia.cr/2022/1499
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1499, author = {Markku-Juhani O. Saarinen}, title = {WrapQ: Side-Channel Secure Key Management for Post-Quantum Cryptography}, howpublished = {Cryptology ePrint Archive, Paper 2022/1499}, year = {2022}, note = {\url{https://eprint.iacr.org/2022/1499}}, url = {https://eprint.iacr.org/2022/1499} }