Abstract

In this paper, we propose single-trace side-channel attacks against CRYSTALS-DILITHIUM. CRYSTALS-DILITHIUM is a lattice-based digital signature algorithm and one of the third-round finalists of the National Institute of Standards and Technology (NIST) standardization project. We attack the number-theoretic transform (NTT) in the signing procedure and in the key generation of CRYSTALS-DILITHIUM to obtain the secret key. When targeting the signing procedure, we can recover both secret key vectors s1 and s2, which enables forgery of signatures. However, only the secret key vector s1 can be recovered when targeting the key generation. Thus, we additionally attack four operations, sampling, addition, rounding, and packing, to find s2. We applied a machine learning-based profiling attack method to find the secret key vectors s1 and s2 with a single trace.
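The distinction the abstract draws (the signing NTT touches both s1 and s2, while the key-generation NTT touches only s1, with s2 entering through sampling, addition, rounding and packing) follows from how the reference implementation computes t = A·s1 + s2 and the products c·s1, c·s2. The following Python is an added example, not code from the paper or from the CRYSTALS-Dilithium project: it implements the Dilithium NTT and its inverse with the public parameters (q = 8380417, n = 256, ζ = 1753, d = 13) and traces both computations for a single polynomial. The k = l = 1 simplification is an assumption made here for brevity, and the matrix entry, the secrets and the challenge are constructed inputs; the small-coefficient sampler is a stand-in for Dilithium's rejection sampler, not the real one.

```python
"""Added example (not the paper's code): Dilithium-style NTT arithmetic for one
polynomial in Z_q[X]/(X^256 + 1), showing which operations consume s1 and s2 in
key generation versus signing. q, n, zeta, d are the public Dilithium constants;
the k = l = 1 case, the matrix entry, secrets and challenge are constructed here."""
import random

Q = 8380417        # q = 2^23 - 2^13 + 1
N = 256            # polynomial degree n
ZETA = 1753        # primitive 512th root of unity mod q
D = 13             # bits dropped by Power2Round
INV_N = pow(N, -1, Q)


def bitrev8(k):
    """Reverse the 8 bits of 0 <= k < 256 (twiddle order of the reference NTT)."""
    return int(f"{k:08b}"[::-1], 2)


def ntt(a):
    """Forward NTT with the reference butterfly schedule (Cooley-Tukey, twiddles
    zeta^bitrev8(k)); output index i holds a(zeta^(2*bitrev8(i)+1))."""
    a, k, length = list(a), 0, 128
    while length >= 1:
        for start in range(0, N, 2 * length):
            k += 1
            zeta = pow(ZETA, bitrev8(k), Q)
            for j in range(start, start + length):
                t = zeta * a[j + length] % Q
                a[j + length] = (a[j] - t) % Q
                a[j] = (a[j] + t) % Q
        length //= 2
    return a


def invntt(a_hat):
    """Inverse NTT (Gentleman-Sande butterflies); undoes ntt()."""
    a, k, length = list(a_hat), N, 1
    while length < N:
        for start in range(0, N, 2 * length):
            k -= 1
            zeta = -pow(ZETA, bitrev8(k), Q) % Q   # inverse of the forward twiddle
            for j in range(start, start + length):
                t = a[j]
                a[j] = (t + a[j + length]) % Q
                a[j + length] = (t - a[j + length]) * zeta % Q
        length *= 2
    return [x * INV_N % Q for x in a]


def pointwise(a_hat, b_hat):
    """Coefficient-wise product in the NTT domain."""
    return [x * y % Q for x, y in zip(a_hat, b_hat)]


def polymul_schoolbook(a, b):
    """Plain multiplication modulo X^N + 1; only used to check the NTT path."""
    res = [0] * N
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            if i + j < N:
                res[i + j] = (res[i + j] + x * y) % Q
            else:
                res[i + j - N] = (res[i + j - N] - x * y) % Q
    return res


def power2round(r):
    """Dilithium Power2Round: r = r1 * 2^D + r0 with -2^(D-1) < r0 <= 2^(D-1)."""
    r = r % Q
    r0 = r % (1 << D)
    if r0 > 1 << (D - 1):
        r0 -= 1 << D
    return (r - r0) >> D, r0


def sample_small(eta, rng):
    """Constructed stand-in for the eta-bounded sampler: uniform in [-eta, eta]."""
    return [rng.randint(-eta, eta) for _ in range(N)]


def keygen_core(a_hat, s1, s2):
    """t = A*s1 + s2 for k = l = 1, computed as the reference code does it:
    INTT(A_hat o NTT(s1)) + s2, then Power2Round. Only s1 goes through the NTT;
    s2 is touched by sampling, addition, rounding and (afterwards) packing, so an
    NTT-only attack on key generation reaches s1 but not s2."""
    s1_hat = ntt(s1)                                   # NTT consumes s1
    t = invntt(pointwise(a_hat, s1_hat))
    t = [(x + y) % Q for x, y in zip(t, s2)]           # addition consumes s2
    t1, t0 = zip(*(power2round(x) for x in t))         # rounding consumes s2
    return list(t1), list(t0)


def sign_core(c, s1, s2):
    """The signing products c*s1 (for z = y + c*s1) and c*s2 (for w0 - c*s2).
    The reference code computes both via NTT(s1) and NTT(s2), so the signing NTT
    consumes both secret vectors."""
    c_hat = ntt(c)
    cs1 = invntt(pointwise(c_hat, ntt(s1)))            # NTT consumes s1
    cs2 = invntt(pointwise(c_hat, ntt(s2)))            # NTT consumes s2
    return cs1, cs2


if __name__ == "__main__":
    rng = random.Random(2021)
    a_hat = [rng.randrange(Q) for _ in range(N)]       # constructed NTT-domain A entry
    s1, s2 = sample_small(2, rng), sample_small(2, rng)
    c = [0] * N
    for idx in rng.sample(range(N), 39):               # constructed challenge, 39 nonzero entries
        c[idx] = rng.choice((-1, 1))
    t1, t0 = keygen_core(a_hat, s1, s2)
    cs1, cs2 = sign_core(c, s1, s2)
    print("t1[:4] =", t1[:4], "t0[:4] =", t0[:4])
    print("c*s1[:4] =", cs1[:4], "c*s2[:4] =", cs2[:4])
```

The point to read off the code is structural: `keygen_core` calls `ntt` once, on s1, and s2 only ever enters through the addition and the rounding (and the packing into the secret key, which is not modelled here), whereas `sign_core` calls `ntt` on both s1 and s2. Since the NTT is invertible (`invntt` undoes `ntt`), leakage that reveals the NTT input or output of a secret polynomial reveals that polynomial.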

Highlights

  • The standards for digital signature such as RSA and ECDSA form a backbone of today's internet protocols

  • Main contributions: in this paper, we demonstrate the feasibility of a side-channel attack (SCA) on the lattice-based signature CRYSTALS-DILITHIUM [15], which is one of the third-round finalists of the National Institute of Standards and Technology (NIST)'s Post-Quantum Cryptography (PQC) standardization project

  • From a single power trace taken from the implementation of the number-theoretic transform (NTT) in the signing procedure, one can recover the full secret key of CRYSTALS-DILITHIUM with a 100% success rate, regardless of optimization level


Summary

Introduction

The standards for digital signature such as RSA and ECDSA form a backbone of today's internet protocols. Despite their usefulness, it is well known that they can be broken in the presence of a quantum computer running Shor's algorithm [1] in polynomial time. In this regard, in 2016, the National Institute of Standards and Technology (NIST) initiated a process to select new standards for Post-Quantum Cryptography (PQC), which aims to develop public-key encryption, key exchange, and digital signature schemes secure against adversaries equipped with quantum computers [2]. Constructions based on hard lattice problems are presumed to be among the most promising candidates to replace the current public-key standards based on the integer factorization and discrete logarithm problems; two of the three signature finalists of NIST's third round, FALCON and CRYSTALS-DILITHIUM, are lattice-based schemes.
