Single-Trace Side-Channel Attacks on NTRU Implementation

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F24%3A00372209" target="_blank" >RIV/68407700:21240/24:00372209 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1007/s42979-023-02493-7" target="_blank" >https://doi.org/10.1007/s42979-023-02493-7</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1007/s42979-023-02493-7" target="_blank" >10.1007/s42979-023-02493-7</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Single-Trace Side-Channel Attacks on NTRU Implementation

Popis výsledku v původním jazyce

Most of the currently used cryptosystems are not secure in the presence of cryptographically relevant quantum computers. As the research in quantum technologies proceeds, a need for quantum-safe cryptography is imminent. NTRU is a post-quantum public-key cryptosystem based on lattices and was a finalist in the 3rd round of the post-quantum standardization process organized by the National Institute of Standards and Technology (NIST). This paper aims to study the implementation security of the cryptosystem with respect to an attacker with access to power leakage. Such a threat model is relevant especially, but not only, for embedded devices. We studied a countermeasure implementation of the NTRU decryption algorithm from An et al. (Appl Sci https://doi.org/10.3390/app8112014 , 2018) that claimed its security against power attacks. This paper revisits an attack presented in as reported by Rabas (In: Proceedings of the9th International Conference on Information Systems Security and Privacy,ICISSP 2023, Lisbon, 2023) that shows it is in fact vulnerable even in the case of just a single trace available to the enemy for extracting the key. We then describe a new profiling template attack on the implementation and show experimental results of the attack using the same datasets, resulting in a comparison of these two methods and further confirmation of the vulnerability of the algorithm even to generic profiling attacks. Several possible types of countermeasures are discussed.

Název v anglickém jazyce

Single-Trace Side-Channel Attacks on NTRU Implementation

Popis výsledku anglicky

Most of the currently used cryptosystems are not secure in the presence of cryptographically relevant quantum computers. As the research in quantum technologies proceeds, a need for quantum-safe cryptography is imminent. NTRU is a post-quantum public-key cryptosystem based on lattices and was a finalist in the 3rd round of the post-quantum standardization process organized by the National Institute of Standards and Technology (NIST). This paper aims to study the implementation security of the cryptosystem with respect to an attacker with access to power leakage. Such a threat model is relevant especially, but not only, for embedded devices. We studied a countermeasure implementation of the NTRU decryption algorithm from An et al. (Appl Sci https://doi.org/10.3390/app8112014 , 2018) that claimed its security against power attacks. This paper revisits an attack presented in as reported by Rabas (In: Proceedings of the9th International Conference on Information Systems Security and Privacy,ICISSP 2023, Lisbon, 2023) that shows it is in fact vulnerable even in the case of just a single trace available to the enemy for extracting the key. We then describe a new profiling template attack on the implementation and show experimental results of the attack using the same datasets, resulting in a comparison of these two methods and further confirmation of the vulnerability of the algorithm even to generic profiling attacks. Several possible types of countermeasures are discussed.

Druh

J_SC - Článek v periodiku v databázi SCOPUS

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/EF16_019%2F0000765" target="_blank" >EF16_019/0000765: Výzkumné centrum informatiky</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

SN Computer Science

ISSN

2662-995X

e-ISSN

2661-8907

Svazek periodika

5

Číslo periodika v rámci svazku

2

Stát vydavatele periodika

SG - Singapurská republika

Počet stran výsledku

11

Strana od-do

1-11

Kód UT WoS článku

—

EID výsledku v databázi Scopus

2-s2.0-85183395531