Paper 2026/056
Rejection Matters: Efficient Non-Profiling Side-Channel Attack on ML-DSA via Exploiting Public Templates
Abstract
ML-DSA (formerly CRYSTALS-Dilithium), NIST’s primary post-quantum signature standard, is increasingly deployed along with the post-quantum transitions. Yet when the implementations of ML-DSA are deployed in practice, their physical security remains underexplored. In this work, we reveal a new attack surface against ML-DSA by exploiting the leakages from both rejected signing trials and the final accepted signing trial. We present, to the best of our knowledge, the first side-channel attack that simultaneously leverages leakage from both trials without relying on clone devices. Unlike traditional Secret-based Template Attacks, which require profiling the leakage of the sensitive intermediates on a clone device, our PTA (Public-based Template Attack) builds leakage templates solely from publicly available data on the target device itself. With challenge $c$ known, we then perform CPA on the sensitive intermediates using traces from both rejected and accepted signing trials, quadrupling (on average) exploitable leakage per signing request for ML-DSA-44. The experimental results on power traces from an ARM Cortex-M4 board show that challenges $c$ are fully recovered with only {96 traces}, and then the key recovery succeeds in around 300 traces — a fact of 10x fewer than prior art. We highlight that our attack can be applied across all three ML-DSA variants with different security levels. Moreover, our attack works straightforwardly in the hedged (non-deterministic) mode of ML-DSA, demonstrating that the hedging offers no SCA protection in this scenario.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Published elsewhere. Minor revision. IEEE DATE 2026
- Keywords
- Side-Channel AnalysisCRYSTALS-DilithiumDeep Learning-based AttackCorrelation Power Analysis.
- Contact author(s)
-
yhzhao96 @ njust edu cn
wei cheng @ njust edu cn
liuyuejun @ njust edu cn - History
- 2026-01-16: revised
- 2026-01-14: received
- See all versions
- Short URL
- https://ia.cr/2026/056
- License
-
CC BY-NC
BibTeX
@misc{cryptoeprint:2026/056,
author = {Yuhan Zhao and Wei Cheng and Zehua Qiao and Yuejun Liu and Yongbin Zhou},
title = {Rejection Matters: Efficient Non-Profiling Side-Channel Attack on {ML}-{DSA} via Exploiting Public Templates},
howpublished = {Cryptology {ePrint} Archive, Paper 2026/056},
year = {2026},
url = {https://eprint.iacr.org/2026/056}
}