Single-Trace Attacks on Message Encoding in Lattice-Based KEMs

Bo-Yeon Sim; Jihoon Kwon; Joohee Lee; Il-Ju Kim; Tae-Ho Lee; Jaeseung Han; Hyojin Yoon; Jihoon Cho; Dong-Guk Han

doi:10.1109/ACCESS.2020.3029521

IEEE Access (Jan 2020)

Single-Trace Attacks on Message Encoding in Lattice-Based KEMs

Bo-Yeon Sim,
Jihoon Kwon,
Joohee Lee,
Il-Ju Kim,
Tae-Ho Lee,
Jaeseung Han,
Hyojin Yoon,
Jihoon Cho,
Dong-Guk Han

Affiliations

Bo-Yeon Sim: ORCiD; Department of Mathematics, Kookmin University, Seoul, South Korea
Jihoon Kwon: ORCiD; Security Research Center, Samsung SDS, Inc., Seoul, South Korea
Joohee Lee: Security Research Center, Samsung SDS, Inc., Seoul, South Korea
Il-Ju Kim: ORCiD; Department of Financial Information Security, Kookmin University, Seoul, South Korea
Tae-Ho Lee: ORCiD; Department of Financial Information Security, Kookmin University, Seoul, South Korea
Jaeseung Han: ORCiD; Department of Financial Information Security, Kookmin University, Seoul, South Korea
Hyojin Yoon: Security Research Center, Samsung SDS, Inc., Seoul, South Korea
Jihoon Cho: Security Research Center, Samsung SDS, Inc., Seoul, South Korea
Dong-Guk Han: ORCiD; Department of Mathematics, Kookmin University, Seoul, South Korea

DOI: https://doi.org/10.1109/ACCESS.2020.3029521
Journal volume & issue: Vol. 8
pp. 183175 – 183191

Abstract

Read online

In this article, we propose single-trace side-channel attacks against lattice-based key encapsulation mechanisms (KEMs) that are the third-round candidates of the national institute of standards and technology (NIST) standardization project. Specifically, we analyze the message encoding operation in the encapsulation phase of lattice-based KEMs to obtain an ephemeral session key. We conclude that a singletrace leakage implies a whole key recovery: the experimental results realized on a ChipWhisperer UFO STM32F3 target board achieve a success rate of 100% for CRYSTALS-KYBER and SABER regardless of an optimization level and those greater than 79% for FrodoKEM. We further demonstrate that the proposed attack methodologies are not restricted to the above algorithms but are widely applicable to other NIST post-quantum cryptography (PQC) candidates, including NTRU Prime and NTRU.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords