Carry Your Fault: A Fault Propagation Attack on Side-Channel Protected LWE-based KEM
IACR Cryptol. ePrint Arch.(2024)
Abstract
Post-quantum cryptographic (PQC) algorithms, especially those based on the learning with errors (LWE) problem, have been subjected to several physical attacks in the recent past. Although the attacks broadly belong to two classes, passive side-channel attacks and active fault attacks, the attack strategies vary significantly due to the inherent complexities of such algorithms. Exploring further attack surfaces is, therefore, an important step towards eventually securing the deployment of these algorithms. It is also important to test the robustness of the countermeasures already proposed in this regard. In this work, we propose a new fault attack on side-channel secure masked implementations of LWE-based key-encapsulation mechanisms (KEMs) that exploits fault propagation. The attack typically originates from an algorithmic modification widely used to enable masking, namely the Arithmetic-to-Boolean (A2B) conversion. We exploit the data dependency of the adder carry chain in A2B to extract sensitive information even when masking (of arbitrary order) is present. As a practical demonstration of the exploitability of this information leakage, we show key recovery attacks on Kyber, although the leakage also exists for other schemes such as Saber. The attack on Kyber targets the decapsulation module and uses Belief Propagation (BP) for key recovery. To the best of our knowledge, it is the first attack exploiting an algorithmic component introduced to ease masking, rather than only exploiting the randomness introduced by masking to obtain the desired faults (as done by Delvaux). Finally, we perform both simulated and electromagnetic (EM) fault-based practical validation of the attack on an open-source first-order secure Kyber implementation running on an STM32 platform.
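The leakage the abstract names is the data dependency of the carry chain inside the adder that A2B conversion is built on. The following added example (not code from the paper or from any Kyber implementation) makes that property concrete: it implements a first-order A2B conversion on top of a Boolean-masked ripple-carry adder in the style of Coron, Großschädl and Vadnala, exposes the adder's carry word, and shows that although every share is uniformly random, the number of carry positions the adder passes through is a function of the secret value being converted. The word width K = 8, the 2-share ISW-style AND, and the helper names are assumptions made for the demonstration; Kyber and Saber use wider words, but the mechanism is identical.

```python
import secrets

K = 8                      # word width for the demo (assumption; real schemes use wider words)
MASK = (1 << K) - 1


def sec_and(x, y, rnd):
    """First-order (2-share) Boolean AND, ISW style, with one fresh K-bit random."""
    x0, x1 = x
    y0, y1 = y
    z0 = (x0 & y0) ^ rnd
    z1 = ((rnd ^ (x0 & y1)) ^ (x1 & y0)) ^ (x1 & y1)
    return z0, z1


def sec_xor(x, y):
    """XOR is linear over the shares, so it is applied share-wise."""
    return x[0] ^ y[0], x[1] ^ y[1]


def sec_shift(x):
    """Left shift by one is linear too; apply per share and truncate to K bits."""
    return (x[0] << 1) & MASK, (x[1] << 1) & MASK


def sec_add(a, b, rng=secrets.randbits):
    """Boolean-masked ripple-carry adder (CGV-style): returns shares of a+b mod 2^K
    together with the shares of the carry word (bit i = carry into position i)."""
    p = sec_xor(a, b)               # propagate bits  a_i ^ b_i
    g = sec_and(a, b, rng(K))       # generate bits   a_i & b_i
    c = (0, 0)                      # carry word, no carry into bit 0
    for _ in range(K - 1):          # c_{i+1} = g_i ^ (p_i & c_i), rippled up the word
        c = sec_shift(sec_xor(sec_and(p, c, rng(K)), g))
    return sec_xor(p, c), c


def a2b(a_arith, r, rng=secrets.randbits):
    """Arithmetic-to-Boolean conversion: input shares satisfy x = a_arith + r mod 2^K,
    output shares satisfy x = x0 ^ x1. Also returns the adder's carry-word shares."""
    s, t = rng(K), rng(K)
    a_bool = (a_arith ^ s, s)       # re-share each arithmetic share in Boolean form
    r_bool = (r ^ t, t)
    return sec_add(a_bool, r_bool, rng)


def unmask(shares):
    return shares[0] ^ shares[1]


def carry_count(x, r):
    """Number of positions at which the A2B adder carries when converting secret x
    under arithmetic mask r. The carry word is deterministic in (x, r) even though
    every share the adder touches is uniformly random."""
    a_arith = (x - r) & MASK
    _, c = a2b(a_arith, r)
    return bin(unmask(c)).count("1")


def mean_carries(x):
    """Average carry count for secret x over all 2^K masks: the statistic an
    implementer would examine to judge how strongly carry activity depends on x."""
    return sum(carry_count(x, r) for r in range(1 << K)) / (1 << K)


if __name__ == "__main__":
    x = 0x5A                                         # constructed sample secret
    r = secrets.randbits(K)
    x_bool, _ = a2b((x - r) & MASK, r)
    print("A2B correct:", unmask(x_bool) == x)
    for secret in (0, 0x0F, 0x80, MASK):
        print(f"x={secret:#04x}: mean carries over all masks = {mean_carries(secret):.3f}")
```

For x = 2^K - 1 the adder never carries, whatever the mask, because the two arithmetic shares are bitwise complements; for x = 0 a single generate at the lowest set bit of r ripples all the way to the top. Everything in between follows a distribution that depends on x, which is exactly why a countermeasure cannot assume that masking alone makes the carry chain independent of the data, and why an A2B routine deployed in a masked KEM should be evaluated for carry-dependent observables (fault effects, non-constant-time carry logic) and not only for share-level leakage.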
Keywords
Post-quantum cryptography, Fault attack, Key-encapsulation mechanism, Masked implementation, Arithmetic to Boolean conversion