Equivalent Keys: Side-Channel Countermeasure for Post-Quantum Multivariate Quadratic Signatures
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F22%3A00360791" target="_blank" >RIV/68407700:21240/22:00360791 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.3390/electronics11213607" target="_blank" >https://doi.org/10.3390/electronics11213607</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.3390/electronics11213607" target="_blank" >10.3390/electronics11213607</a>
Alternative languages
Result language
angličtina
Original language name
Equivalent Keys: Side-Channel Countermeasure for Post-Quantum Multivariate Quadratic Signatures
Original language description
Algorithms based on the hardness of solving multivariate quadratic equations present promising candidates for post-quantum digital signatures. Contemporary threats to implementations of cryptographic algorithms, especially in embedded systems, include side-channel analysis, where attacks such as differential power analysis allow for the extraction of secret keys from the device’s power consumption or its electromagnetic emission. To prevent these attacks, various countermeasures must be implemented. In this paper, we propose a novel side-channel countermeasure for multivariate quadratic digital signatures through the concept of equivalent private keys. We propose a random equivalent key to be generated prior to every signing, thus randomizing the computation and mitigating side-channel attacks. We demonstrate our approach on the Rainbow digital signature, but since an unbalanced oil and vinegar is its special case, our work is applicable to other multivariate quadratic signature schemes as well. We analyze the proposed countermeasure regarding its properties such as the number of different equivalent keys or the amount of required fresh randomness, and we propose an efficient way to implement the countermeasure. We evaluate its performance regarding side-channel leakage and time/memory requirements. Using test vector leakage assessment, we were not able to detect any statistically significant leakage from our protected implementation.
Czech name
—
Czech description
—
Classification
Type
J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
<a href="/en/project/VJ02010010" target="_blank" >VJ02010010: Tools for AI-enhanced Security Verification of Cryptographic Devices</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Others
Publication year
2022
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
Electronics
ISSN
2079-9292
e-ISSN
2079-9292
Volume of the periodical
11
Issue of the periodical within the volume
21
Country of publishing house
CH - SWITZERLAND
Number of pages
21
Pages from-to
—
UT code for WoS article
000883420300001
EID of the result in the Scopus database
2-s2.0-85141701712