Single-Trace Side-Channel Attacks on NTRU Implementation
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F24%3A00372209" target="_blank" >RIV/68407700:21240/24:00372209 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.1007/s42979-023-02493-7" target="_blank" >https://doi.org/10.1007/s42979-023-02493-7</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1007/s42979-023-02493-7" target="_blank" >10.1007/s42979-023-02493-7</a>
Alternative languages
Result language
English
Original language name
Single-Trace Side-Channel Attacks on NTRU Implementation
Original language description
Most of the currently used cryptosystems are not secure in the presence of cryptographically relevant quantum computers. As the research in quantum technologies proceeds, a need for quantum-safe cryptography is imminent. NTRU is a post-quantum public-key cryptosystem based on lattices and was a finalist in the 3rd round of the post-quantum standardization process organized by the National Institute of Standards and Technology (NIST). This paper aims to study the implementation security of the cryptosystem with respect to an attacker with access to power leakage. Such a threat model is relevant especially, but not only, for embedded devices. We studied a countermeasure implementation of the NTRU decryption algorithm from An et al. (Appl Sci https://doi.org/10.3390/app8112014 , 2018) that claimed its security against power attacks. This paper revisits an attack presented by Rabas (In: Proceedings of the 9th International Conference on Information Systems Security and Privacy, ICISSP 2023, Lisbon, 2023) that shows it is in fact vulnerable even in the case of just a single trace available to the enemy for extracting the key. We then describe a new profiling template attack on the implementation and show experimental results of the attack using the same datasets, resulting in a comparison of these two methods and further confirmation of the vulnerability of the algorithm even to generic profiling attacks. Several possible types of countermeasures are discussed.
Czech name
—
Czech description
—
Classification
Type
J<sub>SC</sub> - Article in a specialist periodical, which is included in the SCOPUS database
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
<a href="/en/project/EF16_019%2F0000765" target="_blank" >EF16_019/0000765: Research Center for Informatics</a><br>
Continuities
P - Research and development project funded from public sources (with a link to CEP)<br>S - Specific research at universities
Others
Publication year
2024
Confidentiality
S - Complete and true project data are not subject to protection under special legal regulations
Data specific for result type
Name of the periodical
SN Computer Science
ISSN
2662-995X
e-ISSN
2661-8907
Volume of the periodical
5
Issue of the periodical within the volume
2
Country of publishing house
SG - SINGAPORE
Number of pages
11
Pages from-to
1-11
UT code for WoS article
—
EID of the result in the Scopus database
2-s2.0-85183395531