Single-Trace Side-Channel Attacks on Masked Lattice-Based Encryption

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

Although lattice-based cryptography has proven to be a particularly efficient approach to post-quantum cryptography, its security against side-channel attacks is still a very open topic. There already exist some first works that use masking to achieve DPA security. However, for public-key primitives SPA attacks that use just a single trace are also highly relevant. For lattice-based cryptography this implementation-security aspect is still unexplored. In this work, we present the first single-trace attack on lattice-based encryption. As only a single side-channel observation is needed for full key recovery, it can also be used to attack masked implementations. We use leakage coming from the Number Theoretic Transform, which is at the heart of almost all efficient lattice-based implementations. This means that our attack can be adapted to a large range of other lattice-based constructions and their respective implementations. Our attack consists of 3 main steps. First, we perform a template matching on all modular operations in the decryption process. Second, we efficiently combine all this side-channel information using belief propagation. And third, we perform a lattice-decoding to recover the private key. We show that the attack allows full key recovery not only in a generic noisy Hamming-weight setting, but also based on real traces measured on an ARM Cortex-M4F microcontroller.
Original languageEnglish
Title of host publicationCryptographic Hardware and Embedded Systems – CHES 2017
Place of PublicationCham
PublisherSpringer
Pages513-533
ISBN (Print)978-3-319-66786-7
DOIs
Publication statusPublished - 2017

Publication series

NameLecture Notes in Computer Science
Volume10529

Fingerprint Dive into the research topics of 'Single-Trace Side-Channel Attacks on Masked Lattice-Based Encryption'. Together they form a unique fingerprint.

  • Cite this

    Primas, R., Peßl, P., & Mangard, S. (2017). Single-Trace Side-Channel Attacks on Masked Lattice-Based Encryption. In Cryptographic Hardware and Embedded Systems – CHES 2017 (pp. 513-533). (Lecture Notes in Computer Science; Vol. 10529). Cham: Springer. https://doi.org/10.1007/978-3-319-66787-4_25