Paper 2024/1194
Hardware Implementation and Security Analysis of Local-Masked NTT for CRYSTALS-Kyber
Abstract
The rapid evolution of post-quantum cryptography, spurred by standardization efforts such as those led by NIST, has highlighted the prominence of lattice-based cryptography, notably exemplified by CRYSTALS-Kyber. However, concerns persist regarding the security of cryptographic implementations, particularly in the face of Side-Channel Attacks (SCA). The usage of operations like the Number Theoretic Transform (NTT) in CRYSTALS-Kyber introduces vulnerabilities to SCA, especially single-trace ones, such as soft-analytical side-channel attacks. To address this threat, Ravi et al. proposed local masking as a countermeasure by randomizing the NTT’s twiddle factors, but its implementation and security implications require further investigation. This paper presents a hardware implementation of the NTT with local masking, evaluating its performance, area utilization, and security impacts. Additionally, it analyzes the vulnerabilities inherent in local masking and assesses its practical security effectiveness through non-specific t-tests, showing that there are configurations of local masking that are more prone to leakage than others.
Metadata
- Category
- Implementation
- Publication info
- Preprint.
- Keywords
- NTT, local masking, hardware implementation, SASCA, Kyber
- Contact author(s)
- rafael carrera-rodriguez @ lirmm fr
- History
- 2024-07-25: approved
- 2024-07-24: received
- Short URL
- https://ia.cr/2024/1194
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/1194,
  author = {Rafael Carrera Rodriguez and Emanuele Valea and Florent Bruguier and Pascal Benoit},
  title = {Hardware Implementation and Security Analysis of Local-Masked {NTT} for {CRYSTALS}-Kyber},
  howpublished = {Cryptology {ePrint} Archive, Paper 2024/1194},
  year = {2024},
  url = {https://eprint.iacr.org/2024/1194}
}