Paper 2024/238

A Single Trace Fault Injection Attack on Hedged CRYSTALS-Dilithium

Sönke Jendral, KTH Royal Institute of Technology, Ericsson Research
Abstract

CRYSTALS-Dilithium is a post-quantum secure digital signature algorithm currently being standardised by NIST. As a result, devices making use of CRYSTALS-Dilithium will soon become generally available and be deployed in various environments. It is thus important to assess the resistance of CRYSTALS-Dilithum implementations to physical attacks. In this paper, we present an attack on a CRYSTALS-Dilithium implementation in hedged mode in ARM Cortex-M4 using fault injection. Voltage glitching is performed to skip computation of a seed during the generation of the signature. We identified settings that consistently skip the desired function without crashing the device. After the successful fault injection, the resulting signature allows for the extraction of the secret key vector. Our attack succeeds with probability 0.582 in a single trace. We also propose countermeasures against the presented attack.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Fault injectionCRYSTALS-DilithiumML-DSAPost-quantum digital signatureKey recovery attack
Contact author(s)
jendral @ kth se
History
2024-02-16: approved
2024-02-14: received
See all versions
Short URL
https://ia.cr/2024/238
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/238,
      author = {Sönke Jendral},
      title = {A Single Trace Fault Injection Attack on Hedged CRYSTALS-Dilithium},
      howpublished = {Cryptology ePrint Archive, Paper 2024/238},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/238}},
      url = {https://eprint.iacr.org/2024/238}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.