A Voltage Template Attack on the Modular Polynomial Subtraction in Kyber

Mu, Jianan; Zhao, Yixuan; Wang, Zongyue; Ye, Jing; Fan, Junfeng; Chen, Shuai; Li, Huawei; Li, Xiaowei; Cao, Yuan

doi:10.1109/asp-dac52403.2022.9712513

Cited by 3 publications

(1 citation statement)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several vulnerabilities have been discovered in the implementations of LWE/ LWR-based PKE/KEMs, including incremental storage vulnerability [21], weakness of re-encryption operation in Fujisaki-Okamoto transform [27] and weakness of polynomial multiplication [16]. For CRYSTALS-Kyber, secret key information has also been extracted through Barrentt reduction procedure [15,26].…”

Section: Known Vulnerabilitiesmentioning

confidence: 99%

A Message Recovery Attack on LWE/LWR-Based PKE/KEMs Using Amplitude-Modulated EM Emanations

Wang

Ngo

Dubrova

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Creating a good deep learning model is an art which requires expertise in deep learning and a large set of labeled data for training neural networks. Neither is readily available. In this paper, we introduce a method that enables us to recover messages of LWE/LWR-based PKE/KEMs using simple multilayer perceptron (MLP) models trained on a small dataset. The core idea is to extend the attack dataset so that at least one of its traces has the ground truth label to which the models are biased towards. We demonstrate the effectiveness of the presented method on the examples of CRYSTALS-Kyber and Saber algorithms implemented in ARM Cortex-M4 CPU on nRF52832 system-on-chip supporting Bluetooth 5.2. We use amplitude-modulated EM emanations which are typically weaker and noisier than power or near-field EM side channels, and thus more difficult to exploit.

show abstract