Exploiting Small-Norm Polynomial Multiplication with Physical Attacks
Application to CRYSTALS-Dilithium
DOI: https://doi.org/10.46586/tches.v2024.i2.359-383

Keywords: Lattice-based Cryptography, Post-Quantum Cryptography, Side-Channel Attacks, Fault Attacks, CRYSTALS-Dilithium

Abstract
We present a set of physical profiled attacks against CRYSTALS-Dilithium that accumulate noisy knowledge of secret keys over multiple signatures, finally leading to a full key recovery attack. The methodology is composed of two steps. The first step consists of observing or inserting a bias in the posterior distribution of sensitive variables. The second step is an information processing phase which is based on belief propagation and effectively exploits that bias. The proposed concrete attacks rely on side-channel information, induced faults, or possibly a combination of the two. Interestingly, the adversary benefits most from this prior knowledge when targeting the released signatures; however, the latter are not strictly necessary. We show that the combination of a physical attack with the binary knowledge of acceptance or rejection of a signature also leads to exploitable information on the secret key. Finally, we demonstrate that this approach is also effective against shuffled implementations of CRYSTALS-Dilithium.
License
Copyright (c) 2024 Olivier Bronchain, Melissa Azouaoui, Mohamed ElGhamrawy, Joost Renes, Tobias Schneider
This work is licensed under a Creative Commons Attribution 4.0 International License.