Equivalent Keys: Side-Channel Countermeasure for Post-Quantum Multivariate Quadratic Signatures

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F22%3A00360791" target="_blank" >RIV/68407700:21240/22:00360791 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.3390/electronics11213607" target="_blank" >https://doi.org/10.3390/electronics11213607</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.3390/electronics11213607" target="_blank" >10.3390/electronics11213607</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Equivalent Keys: Side-Channel Countermeasure for Post-Quantum Multivariate Quadratic Signatures

Popis výsledku v původním jazyce

Algorithms based on the hardness of solving multivariate quadratic equations present promising candidates for post-quantum digital signatures. Contemporary threats to implementations of cryptographic algorithms, especially in embedded systems, include side-channel analysis, where attacks such as differential power analysis allow for the extraction of secret keys from the device’s power consumption or its electromagnetic emission. To prevent these attacks, various countermeasures must be implemented. In this paper, we propose a novel side-channel countermeasure for multivariate quadratic digital signatures through the concept of equivalent private keys. We propose a random equivalent key to be generated prior to every signing, thus randomizing the computation and mitigating side-channel attacks. We demonstrate our approach on the Rainbow digital signature, but since an unbalanced oil and vinegar is its special case, our work is applicable to other multivariate quadratic signature schemes as well. We analyze the proposed countermeasure regarding its properties such as the number of different equivalent keys or the amount of required fresh randomness, and we propose an efficient way to implement the countermeasure. We evaluate its performance regarding side-channel leakage and time/memory requirements. Using test vector leakage assessment, we were not able to detect any statistically significant leakage from our protected implementation.

Název v anglickém jazyce

Equivalent Keys: Side-Channel Countermeasure for Post-Quantum Multivariate Quadratic Signatures

Popis výsledku anglicky

Algorithms based on the hardness of solving multivariate quadratic equations present promising candidates for post-quantum digital signatures. Contemporary threats to implementations of cryptographic algorithms, especially in embedded systems, include side-channel analysis, where attacks such as differential power analysis allow for the extraction of secret keys from the device’s power consumption or its electromagnetic emission. To prevent these attacks, various countermeasures must be implemented. In this paper, we propose a novel side-channel countermeasure for multivariate quadratic digital signatures through the concept of equivalent private keys. We propose a random equivalent key to be generated prior to every signing, thus randomizing the computation and mitigating side-channel attacks. We demonstrate our approach on the Rainbow digital signature, but since an unbalanced oil and vinegar is its special case, our work is applicable to other multivariate quadratic signature schemes as well. We analyze the proposed countermeasure regarding its properties such as the number of different equivalent keys or the amount of required fresh randomness, and we propose an efficient way to implement the countermeasure. We evaluate its performance regarding side-channel leakage and time/memory requirements. Using test vector leakage assessment, we were not able to detect any statistically significant leakage from our protected implementation.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/VJ02010010" target="_blank" >VJ02010010: Nástroje pro verifikaci bezpečnosti kryptografických zařízení s využitím AI</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2022

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Electronics

ISSN

2079-9292

e-ISSN

2079-9292

Svazek periodika

11

Číslo periodika v rámci svazku

21

Stát vydavatele periodika

CH - Švýcarská konfederace

Počet stran výsledku

21

Strana od-do

—

Kód UT WoS článku

000883420300001

EID výsledku v databázi Scopus

2-s2.0-85141701712