Paper 2024/066
Exploiting the Central Reduction in Lattice-Based Cryptography
Abstract
This paper presents a novel and efficient way of exploiting the side-channel leakage of masked implementations of lattice-based cryptography (LBC). The presented attack specifically targets the central reduction technique, which is widely adopted in efficient implementations of LBC. We show that the central reduction leads to a vulnerability by creating a strong dependency between the power consumption and the sign of sensitive intermediate variables. We exploit this dependency by introducing a novel hypothetical power model, the range power model, which can be employed in higher-order multi-query side-channel analysis attacks. We particularly show that our approach is valid for the prime moduli employed by Kyber and Dilithium, the lattice-based post-quantum algorithms selected by NIST, and that it generalizes to other primes used in LBC as well. We practically evaluate the introduced approach by performing second-order non-profiled attacks against a masked implementation of Kyber on an Arm Cortex-M4 microprocessor. In our experiments, we recovered the full secret key of this implementation with only 2100 electromagnetic (EM) traces and without profiling, a reduction of more than 14 times in the number of traces compared to classical attacks.
Note: Preprint.
Metadata
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- Kyber, Side-Channel Analysis, Correlation Power Analysis, Plantard, Montgomery, Arithmetic Masking, Centered Reduction
- Contact author(s)
- toluntosun @ sabanciuniv edu
- amir moradi @ tu-darmstadt de
- erkays @ sabanciuniv edu
- History
- 2024-01-18: revised
- 2024-01-16: received
- Short URL
- https://ia.cr/2024/066
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/066,
  author = {Tolun Tosun and Amir Moradi and Erkay Savas},
  title = {Exploiting the Central Reduction in Lattice-Based Cryptography},
  howpublished = {Cryptology ePrint Archive, Paper 2024/066},
  year = {2024},
  note = {\url{https://eprint.iacr.org/2024/066}},
  url = {https://eprint.iacr.org/2024/066}
}