Single-Trace Side-Channel Attacks on Masked Lattice-Based Encryption

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Research › peer-review

Abstract

Although lattice-based cryptography has proven to be a particularly efficient approach to post-quantum cryptography, its security against side-channel attacks is still a very open topic. Some first works already use masking to achieve security against DPA (differential power analysis). However, for public-key primitives, SPA (simple power analysis) attacks that use just a single trace are also highly relevant. For lattice-based cryptography this implementation-security aspect is still unexplored. In this work, we present the first single-trace attack on lattice-based encryption. Since only a single side-channel observation is needed for full key recovery, it can also be used to attack masked implementations. We use leakage coming from the Number Theoretic Transform (NTT), which is at the heart of almost all efficient lattice-based implementations. This means that our attack can be adapted to a large range of other lattice-based constructions and their respective implementations. Our attack consists of three main steps. First, we perform template matching on all modular operations in the decryption process. Second, we efficiently combine all this side-channel information using belief propagation. Third, we perform lattice decoding to recover the private key. We show that the attack allows full key recovery not only in a generic noisy Hamming-weight setting, but also based on real traces measured on an ARM Cortex-M4F microcontroller.
Language: English
Title of host publication: Cryptographic Hardware and Embedded Systems – CHES 2017
Place of Publication: Cham
Publisher: Springer
Pages: 513-533
ISBN (Print): 978-3-319-66786-7
DOI: https://doi.org/10.1007/978-3-319-66787-4_25
Status: Published - 2017

Publication series

Name: Lecture Notes in Computer Science
Volume: 10529


Cite this

Primas, R., Peßl, P., & Mangard, S. (2017). Single-Trace Side-Channel Attacks on Masked Lattice-Based Encryption. In Cryptographic Hardware and Embedded Systems – CHES 2017 (pp. 513-533). (Lecture Notes in Computer Science; Vol. 10529). Cham: Springer. https://doi.org/10.1007/978-3-319-66787-4_25
