Paper 2024/066

Exploiting the Central Reduction in Lattice-Based Cryptography

Tolun Tosun, Sabancı University, Analog Devices
Amir Moradi, Ruhr University Bochum
Erkay Savas, Sabancı University
Abstract

This paper presents a novel and efficient way of exploiting side-channel leakage of masked implementations of lattice-based cryptography (LBC). The presented attack specifically targets the central reduction technique, which is widely adopted in efficient implementations of LBC. We show that the central reduction leads to a vulnerability by creating a strong dependency between the power consumption and the sign of sensitive intermediate variables. We exploit this dependency by introducing a novel hypothetical power model, the range power model, which can be employed in higher-order multi-query side-channel analysis attacks. We particularly show that our approach is valid for the prime moduli employed by Kyber and Dilithium, the lattice-based post-quantum algorithms selected by NIST, while it generalizes to other primes used in LBC as well. We practically evaluate our introduced approach by performing second-order non-profiled attacks against a masked implementation of Kyber on an Arm Cortex-M4 microprocessor. In our experiments, we revealed the full secret key of the aforementioned implementation with only 2100 electromagnetic (EM) traces without profiling, achieving a more than 14 times reduction in the number of traces compared to classical attacks.
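The following is an added illustration, not code from the paper and not its range power model: it shows why a centrally reduced value carries its sign into the register contents. It assumes the common Hamming-weight (HW) leakage model on a 16-bit two's-complement word and uses the Kyber modulus q = 3329 named in the abstract.

```python
# Added illustration (not from the paper): how central reduction makes the sign
# of an intermediate visible under a Hamming-weight leakage assumption.
Q = 3329          # Kyber prime modulus (scheme named in the abstract)
HALF_Q = Q // 2   # 1664


def standard_reduce(x: int) -> int:
    """Reduce x into the non-negative range [0, q)."""
    return x % Q


def central_reduce(x: int) -> int:
    """Reduce x into the centered range (-q/2, q/2]."""
    r = x % Q
    return r - Q if r > HALF_Q else r


def hw16(v: int) -> int:
    """Hamming weight of v stored as a 16-bit two's-complement word.
    Negative centered values have |v| < 2048, so bits 11..15 are always set."""
    return bin(v & 0xFFFF).count("1")


def hw_gap(reduce_fn) -> float:
    """Mean HW of reduce_fn(x) over residues whose centered form is negative,
    minus the mean over the rest. A large gap means the sign class leaks
    through HW; the same residues are grouped identically for both reductions,
    so only the representation differs."""
    neg, pos = [], []
    for x in range(Q):
        bucket = neg if central_reduce(x) < 0 else pos
        bucket.append(hw16(reduce_fn(x)))
    return sum(neg) / len(neg) - sum(pos) / len(pos)


if __name__ == "__main__":
    print("gap with standard reduction:", round(hw_gap(standard_reduce), 2))
    print("gap with central reduction: ", round(hw_gap(central_reduce), 2))
```

With the centered representation, the negative class has at least five fixed high bits set, so the two sign classes separate in HW by several bits, whereas the [0, q) representation shows only a small gap between the same two groups of residues.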

Note: Preprint.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Kyber, Side-Channel Analysis, Correlation Power Analysis, Plantard, Montgomery, Arithmetic Masking, Centered Reduction
Contact author(s)
toluntosun @ sabanciuniv edu
amir moradi @ tu-darmstadt de
erkays @ sabanciuniv edu
History
2024-01-18: revised
2024-01-16: received
Short URL
https://ia.cr/2024/066
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/066,
      author = {Tolun Tosun and Amir Moradi and Erkay Savas},
      title = {Exploiting the Central Reduction in Lattice-Based Cryptography},
      howpublished = {Cryptology ePrint Archive, Paper 2024/066},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/066}},
      url = {https://eprint.iacr.org/2024/066}
}