Side-channel attacks on CRYSTALS-KYBER, countermeasures and comparison with SKELYA (DSTU 8961-2019)

IF 0.2 Q4 ENGINEERING, ELECTRICAL & ELECTRONIC
Yaroslav Derevianko, I.D. Gorbenko
{"title":"Side-channel attacks on CRYSTALS-KYBER, countermeasures and comparison with SKELYA (DSTU 8961-2019)","authors":"Yaroslav Derevianko, I.D. Gorbenko","doi":"10.30837/rt.2023.1.212.02","DOIUrl":null,"url":null,"abstract":"Although the mathematical problems used in post-quantum cryptography algorithms appear to be mathematically secure, a class of attacks known as side-channel attacks may prove to be a threat to the security of such algorithms. Side-channel attacks affect the hardware on which the cryptographic algorithm runs, they are not attacks on the algorithm itself. \nThe good news is that side-channel analysis on new post-quantum cryptographic algorithms started early, even before the algorithms were standardized, given that older algorithms still face side-channel problems. \nKyber is a lattice-based post-quantum algorithm based on the complexity of the M-LWE problem. Kyber offers a secure public key encryption (PKE) scheme against a chosen plaintext attack (CPA) and a secure key encapsulation mechanism against a chosen ciphertext attack (CCA). \nThis paper provides a study of side-channel and fault-injection attacks on lattice-based schemes, with focus on the Kyber (KEM). \nConsidering the wide range of known attacks, the protection of the algorithm requires the implementation of individual countermeasures. The paper presents and tests a number of countermeasures capable of providing/improving protection against existing SCA/FIA for Kyber KEM. \nThe obtained results show that the presented countermeasures incur a reasonable performance cost. Therefore, the use of special countermeasures in real implementations of lattice-based schemes, either alone or as an augmentation of general countermeasures, is necessary.","PeriodicalId":41675,"journal":{"name":"Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia","volume":"168 1","pages":""},"PeriodicalIF":0.2000,"publicationDate":"2023-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.30837/rt.2023.1.212.02","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
引用次数: 0

Abstract

Although the mathematical problems used in post-quantum cryptography algorithms appear to be mathematically secure, a class of attacks known as side-channel attacks may prove to be a threat to the security of such algorithms. Side-channel attacks affect the hardware on which the cryptographic algorithm runs, they are not attacks on the algorithm itself. The good news is that side-channel analysis on new post-quantum cryptographic algorithms started early, even before the algorithms were standardized, given that older algorithms still face side-channel problems. Kyber is a lattice-based post-quantum algorithm based on the complexity of the M-LWE problem. Kyber offers a secure public key encryption (PKE) scheme against a chosen plaintext attack (CPA) and a secure key encapsulation mechanism against a chosen ciphertext attack (CCA). This paper provides a study of side-channel and fault-injection attacks on lattice-based schemes, with focus on the Kyber (KEM). Considering the wide range of known attacks, the protection of the algorithm requires the implementation of individual countermeasures. The paper presents and tests a number of countermeasures capable of providing/improving protection against existing SCA/FIA for Kyber KEM. The obtained results show that the presented countermeasures incur a reasonable performance cost. Therefore, the use of special countermeasures in real implementations of lattice-based schemes, either alone or as an augmentation of general countermeasures, is necessary.
CRYSTALS-KYBER的侧信道攻击、对抗及与SKELYA的比较
尽管后量子加密算法中使用的数学问题在数学上似乎是安全的,但一类被称为侧信道攻击的攻击可能会对此类算法的安全性构成威胁。侧信道攻击影响的是运行加密算法的硬件,而不是对算法本身的攻击。好消息是,考虑到旧算法仍然面临侧信道问题,对新的后量子加密算法的侧信道分析很早就开始了,甚至在算法标准化之前就开始了。Kyber是一种基于M-LWE问题复杂性的基于格子的后量子算法。Kyber提供了一种安全的公钥加密(PKE)方案来对抗选择的明文攻击(CPA)和一种安全的密钥封装机制来对抗选择的密文攻击(CCA)。本文研究了基于格子方案的侧信道攻击和故障注入攻击,重点研究了Kyber (KEM)。考虑到已知攻击的范围很广,保护算法需要实施单独的对策。本文提出并测试了一些能够为Kyber KEM提供/改进针对现有SCA/FIA的保护的对策。结果表明,所提出的对策产生了合理的性能代价。因此,在基于格的方案的实际实现中使用特殊对抗措施,无论是单独使用还是作为一般对抗措施的增强,都是必要的。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia
Visnyk NTUU KPI Seriia-Radiotekhnika Radioaparatobuduvannia ENGINEERING, ELECTRICAL & ELECTRONIC-
自引率
33.30%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信