Paper 2024/169

Machine Learning based Blind Side-Channel Attacks on PQC-based KEMs - A Case Study of Kyber KEM

Prasanna Ravi, Temasek Labs, Nanyang Technological University, Singapore
Dirmanto Jap
Shivam Bhasin, Temasek Labs, Nanyang Technological University, Singapore
Anupam Chattopadhyay, Temasek Labs and School of Computer Science and Engineering, Nanyang Technological University, Singapore
Abstract

Kyber KEM, the NIST-selected PQC standard for public-key encryption and key encapsulation mechanisms (KEMs), has been subjected to a variety of side-channel attacks over the course of the NIST PQC standardization process. However, all these attacks targeting the decapsulation procedure of Kyber KEM either require knowledge of the ciphertexts or require control over the value of the ciphertexts for key recovery. There are no known attacks in a blind setting, where the attacker does not have access to the ciphertexts. While blind side-channel attacks are known for symmetric-key cryptographic schemes, we are not aware of such attacks on Kyber KEM. In this paper, we fill this gap by proposing the first blind side-channel attack on Kyber KEM. We target leakage of the pointwise multiplication operation in the decryption procedure to carry out practical blind side-channel attacks resulting in full key recovery. We practically validate our attack using power side-channel measurements of the reference implementation of Kyber KEM taken from the pqm4 library, running on an ARM Cortex-M4 microcontroller. Our experiments clearly indicate that the proposed attack recovers the full key in only a few hundred to a few thousand traces, given a suitably accurate Hamming Weight (HW) classifier.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. Minor revision. ICCAD 2023
DOI
10.1109/ICCAD57390.2023
Keywords
Post-Quantum Cryptography, Blind Side-Channel Attacks, Kyber, Lattice-based cryptography, Power Side-Channel Attacks
Contact author(s)
prasanna ravi @ ntu edu sg
djap @ ntu edu sg
sbhasin @ ntu edu sg
anupam @ ntu edu sg
History
2024-02-06: approved
2024-02-05: received
Short URL
https://ia.cr/2024/169
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/169,
      author = {Prasanna Ravi and Dirmanto Jap and Shivam Bhasin and Anupam Chattopadhyay},
      title = {Machine Learning based Blind Side-Channel Attacks on {PQC}-based {KEMs} - A Case Study of Kyber {KEM}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/169},
      year = {2024},
      doi = {10.1109/ICCAD57390.2023},
      url = {https://eprint.iacr.org/2024/169}
}