Paper 2025/276

Finding and Protecting the Weakest Link: On Side-Channel Attacks on Masked ML-DSA

Julius Hermelink, Max Planck Institute for Security and Privacy
Kai-Chun Ning, Max Planck Institute for Security and Privacy
Richard Petri, Max Planck Institute for Security and Privacy
Abstract

NIST has standardized ML-KEM and ML-DSA as replacements for pre-quantum key exchanges and digital signatures. Both schemes have already seen analysis with respect to side channels, and the first fully masked implementations of ML-DSA have been published. Previous attacks have focused on unprotected implementations or assumed only hiding countermeasures to be in place. Thus, in contrast to ML-KEM, the threat of side-channel attacks against protected implementations of ML-DSA is mostly unclear. In this work, we analyze the side-channel vulnerability of masked ML-DSA implementations. We first systematically assess the vulnerability of several potential points of attack in different leakage models using information theory. Then, we explain how an adversary could launch first-, second-, and higher-order attacks using a recently presented framework for side-channel information in lattice-based schemes. In this context, we propose a filtering technique that allows the framework to solve for the secret key from a large number of hints; this had previously been prevented by numerical instabilities. We simulate the presented attacks and discuss their relation to the information-theoretic analysis. Finally, we carry out the relevant attacks on physical devices, discuss recent masked implementations, and instantiate a countermeasure against the most threatening attacks. The countermeasure mitigates the attacks with the highest noise tolerance while incurring very little overhead. The results on the physical devices validate our simulations.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Dilithium, ML-DSA, SCA, Countermeasures, Belief Propagation
Contact author(s)
julius hermelink @ mpi-sp org
kai-chun ning @ mpi-sp org
richard petri @ mpi-sp org
History
2025-02-28: last of 2 revisions
2025-02-18: received
Short URL
https://ia.cr/2025/276
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/276,
      author = {Julius Hermelink and Kai-Chun Ning and Richard Petri},
      title = {Finding and Protecting the Weakest Link: On Side-Channel Attacks on Masked {ML}-{DSA}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/276},
      year = {2025},
      url = {https://eprint.iacr.org/2025/276}
}