Paper 2023/1220

Quasilinear Masking to Protect ML-KEM Against Both SCA and FIA

Abstract

The recent technological advances in Post-Quantum Cryptography (PQC) raise the questions of robust implementations of new asymmetric cryptography primitives in today's technology. This is the case for the lattice-based Module Lattice-Key Encapsulation Mechanism (ML-KEM) algorithm which is proposed by the National Institute of Standards and Technology (NIST) as the first standard for Key Encapsulation Mechanism (KEM), taking inspiration from CRYSTALS-Kyber. We must ensure that the ML-KEM implementation is resilient against physical attacks like Side-Channel Analysis (SCA) and Fault Injection Attacks (FIA). To reach this goal, we propose to adapt a masking countermeasure, more precisely the generic Direct Sum Masking method (DSM). We extend previous results from a paper using Reed-Solomon codes on AES for Code-Based Masking (CBM). This work present a complete masked implementation of ML-KEM with both SCA and FIA resilience thanks to the error correcting capabilities of Code-Based Masking. Due to the structure of this masking, we propose new generic solutions to address the non-linear parts of ML-KEM, with algorithmic optimizations. To do so, we develop a new conversion methodology between boolean and arithmetic Code-Based Maskings in the specific case of ML-KEM. Performances on a laptop as well as on a SAM4S microcontroller are detailed. Security is experimentally verified by performing a Test Vector Leakage Assessment (TVLA) on a SAM4S target thanks to a Chipwhisperer Husky. We also provide formal proofs of security in the SNI model.

Note: Revision 3: Added estimation of formal security within the SNI model and Welch t-tests, as well as performances on a SAM4S platform