Paper 2025/146
SHIFT SNARE: Uncovering Secret Keys in FALCON via Single-Trace Analysis
Abstract
This paper presents a novel single-trace side-channel attack on FALCON---a lattice-based post-quantum digital signature protocol recently approved for standardization by NIST. We target the discrete Gaussian sampling operation within the FALCON key generation scheme and use a single power measurement trace to succeed. Notably, negating the 'shift right 63-bit' operation (for 64-bit values) leaks critical information about the '-1' vs. '0' assignments to intermediate coefficients. These leaks enable full recovery of the generated secret keys. The proposed attack is implemented on an ARM Cortex-M4 microcontroller running both reference and optimized software implementation from FALCON's NIST Round 3 package. Statistical analysis with 500k tests reveals a per coefficient success rate of 99.9999999478% and a full key recovery success rate of 99.99994654% for FALCON-512. This work highlights the vulnerability of current software solutions to single-trace attacks and underscores the urgent need to develop single-trace resilient software for embedded systems.
Note: Original upload, submitted for peer review in 2024
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- Post quantum cryptographyFALCONSide-channel attack
- Contact author(s)
-
jqiu2 @ ncsu edu
aaysu @ ncsu edu - History
- 2025-01-31: revised
- 2025-01-30: received
- See all versions
- Short URL
- https://ia.cr/2025/146
- License
-
CC BY-NC-ND
BibTeX
@misc{cryptoeprint:2025/146, author = {Jinyi Qiu and Aydin Aysu}, title = {{SHIFT} {SNARE}: Uncovering Secret Keys in {FALCON} via Single-Trace Analysis}, howpublished = {Cryptology {ePrint} Archive, Paper 2025/146}, year = {2025}, url = {https://eprint.iacr.org/2025/146} }