We generalize and abstract the problem of extracting a witness from a prover of a special sound protocol into a combinatorial problem induced by a sequence of matroids and a predicate, and present a parametrized algorithm for solving this problem. The parametrization provides a tight tradeoff between the running time and the extraction error of the algorithm, which allows optimizing the parameters to minimize: the soundness error for interactive proofs, or the extraction time for proofs of knowledge. In contrast to previous work we bound the distribution of the running time and not only the expected running time. Tail bounds give a tighter analysis when applied recursively and a concentrated running time.

We generalize the optimal knowledge extractor for constant-round special sound protocols presented by Wikström (2018) to a knowledge extractor for the corresponding non-interactive Fiat-Shamir proofs in the random oracle model and give an exact analysis of the extraction error and running time. Relative the interactive case the extraction error and the running time are both asymptotically increased by a multiplicative factor equal to the number of oracle queries made by the prover. Through carefully chosen notation, novel concepts, and a technical lemma, we effectively recast the extraction problem of the notoriously complex non-interactive case to the interactive case. Thus, our approach may be of independent interest.

Most of the previous attacks on Dilithium exploit side-channel information which is leaked during the computation of the polynomial multiplication cs1, where s1 is a small-norm secret and c is a verifier's challenge. In this paper, we present a new attack utilizing leakage during secret key unpacking in the signing algorithm. The unpacking is also used in other post-quantum cryptographic algorithms, including Kyber, because inputs and outputs of their API functions are byte arrays. Exploiting leakage during unpacking is more challenging than exploiting leakage during the computation of cs1 since c varies for each signing, while the unpacked secret key remains constant. Therefore, post-processing is required in the latter case to recover a full secret key. We present two variants of post-processing. In the first one, a half of the coefficients of the secret s1 and the error s2 is recovered by profiled deep learning-assisted power analysis and the rest is derived by solving linear equations based on t = As1 + s2, where A and t are parts of the public key. This case assumes knowledge of the least significant bits of t, t0. The second variant uses lattice reduction to derive s1 without the knowledge of t0. However, it needs a larger portion of s1 to be recovered by power analysis. We evaluate both variants on an ARM Cortex-M4 implementation of Dilithium-2. The experiments show that the attack assuming the knowledge of t0 can recover s1 from a single trace captured from a different from profiling device with a non-negligible probability.

Magnetic skyrmions have garnered attention for their potential roles in spintronic applications, such as information carriers in computation, data storage, and nano-oscillators due to their small size, topological stability, and the requirement of small electric currents to manipulate them. Two key challenges in harnessing skyrmions are the stabilization requirement through a strong out-of-plane field, and the skyrmion Hall effect (SkHE). Here, we present a systematic model study of skyrmions in ferromagnetic/antiferromagnetic (FM/AFM) multilayer structures by employing both atomistic Monte Carlo and atomistic spin dynamics simulations. We demonstrate that skyrmions stabilized by exchange bias have superior stability to field-stabilized skyrmions due to the formation of a magnetic imprint within the AFM layer. Additionally, stacking two skyrmion hosting FM layers between two AFM layers suppresses the SkHE and enables the transport of AFM-coupled skyrmions with high velocity in the order of a few km/s. This proposed multilayer configuration could serve as a pathway to overcome existing limitations in the development of skyrmion-based devices, and the insights obtained through this study contribute significantly to the broader understanding of topological spin textures in magnetic materials. Published by the American Physical Society 2024

In reaction-diffusion models of annihilation reactions in low dimensions, single-particle dynamics provides a bottleneck for reactions, leading to an anomalously slow approach to the empty state. Here, we construct a reaction model with a reciprocal bottleneck of reactions on particle dynamics in which single-particle motion conserves the center of mass. We show that such a constrained reaction-diffusion dynamics does not approach an empty state but freezes at late times in a state with fragmented particle clusters. The late-time dynamics and final density are universal, and we provide exact results for the final density in the large-reaction rate limit. Thus, our setup constitutes a minimal model for the fragmentation of a one-dimensional lattice into independent particle clusters. We suggest that the universal reaction dynamics could be observable in experiments with cold atoms or in the Auger recombination of exciton gases. Published by the American Physical Society 2024