Carry Your Fault: A Fault Propagation Attack on Side-Channel Protected LWE-based KEM

Authors

  • Suparna Kundu COSIC, KU Leuven, Leuven, Belgium
  • Siddhartha Chowdhury Indian Institute of Technology Kharagpur, Kharagpur, India
  • Sayandeep Saha Université catholique de Louvain, Ottignies-Louvain-la-Neuve, Belgium
  • Angshuman Karmakar COSIC, KU Leuven, Leuven, Belgium; Indian Institute of Technology Kanpur, Kanpur, India
  • Debdeep Mukhopadhyay Indian Institute of Technology Kharagpur, Kharagpur, India
  • Ingrid Verbauwhede COSIC, KU Leuven, Leuven, Belgium

DOI:

https://doi.org/10.46586/tches.v2024.i2.844-869

Keywords:

Post-quantum cryptography, Fault attack, Key-encapsulation mechanism, Masked implementation, arithmetic to Boolean conversion

Abstract

Post-quantum cryptographic (PQC) algorithms, especially those based on the learning with errors (LWE) problem, have been subjected to several physical attacks in the recent past. Although the attacks broadly belong to two classes – passive side-channel attacks and active fault attacks, the attack strategies vary significantly due to the inherent complexities of such algorithms. Exploring further attack surfaces is, therefore, an important step for eventually securing the deployment of these algorithms. Also, it is mportant to test the robustness of the already proposed countermeasures in this regard. In this work, we propose a new fault attack on side-channel secure masked implementation of LWE-based key-encapsulation mechanisms (KEMs) exploiting fault propagation. The attack typically originates due to an algorithmic modification widely used to enable masking, namely the Arithmetic-to-Boolean (A2B) conversion. We exploit the data dependency of the adder carry chain in A2B and extract sensitive information, albeit masking (of arbitrary order) being present. As a practical demonstration of the exploitability of this information leakage, we show key recovery attacks of Kyber, although the leakage also exists for other schemes like Saber. The attack on Kyber targets the decapsulation module and utilizes Belief Propagation (BP) for key recovery. To the best of our knowledge, it is the first attack exploiting an algorithmic component introduced to ease masking rather than only exploiting the randomness introduced by masking to obtain desired faults (as done by Delvaux [Del22]). Finally, we performed both simulated and electromagnetic (EM) fault-based practical validation of the attack for an open-source first-order secure Kyber implementation running on an STM32 platform.

Downloads

Published

2024-03-12

Issue

Section

Articles

How to Cite

Carry Your Fault: A Fault Propagation Attack on Side-Channel Protected LWE-based KEM. (2024). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2024(2), 844-869. https://doi.org/10.46586/tches.v2024.i2.844-869