Post-Quantum Algorithm Vulnerable To Side Channel Attacks

Researchers in Sweden say they have found a way to break a specific implementation of CRYSTALS-Kyber, one of a handful of “post-quantum” public-key algorithms chosen to underpin future U.S. government encryption standards. The target is the implementation, not the mathematics of the algorithm itself.

According to a paper published by the KTH Royal Institute of Technology in Sweden, the algorithm, one of a number selected by both the U.S. National Institute of Standards and Technology (NIST) and the NSA for future encryption standards and meant to withstand attacks by a future quantum computer, is vulnerable to a novel side-channel attack.

Such attacks do not go through a system’s logical or cryptographic defenses at all. Instead they exploit the physical signals a device gives off while it computes (supply current, execution time, electromagnetic emissions) and recover secrets from the way those signals depend on the data being processed.

More recently, the advent of deep-learning-based side-channel analysis has made such attacks particularly relevant for breaking encryption systems and recovering secret keys. Apart from improving the effectiveness of existing attacks, it has also enabled attacks on true random number generators and physical unclonable functions, as well as non-differential message- and secret-key-recovery attacks on post-quantum encryption algorithms.

“Deep learning based side-channel attacks can overcome conventional countermeasures such as masking, shuffling, random delays insertion, constant-weight encoding, code polymorphism, and randomized clock,” wrote researchers Elena Dubrova, Kalle Ngo and Joel Gärtner.

Implementations of such algorithms rely on a countermeasure known as “masking” to defend against side-channel attacks: every secret-dependent intermediate value is split into randomized shares, so that no single measured signal carries usable information about the secret. Using a newly developed training method for neural networks, the researchers discovered
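To make the mechanism concrete, the following is an added toy simulation (not code from the paper, not Kyber, and not the researchers’ neural-network attack). It models a device leaking the Hamming weight of an S-box output plus Gaussian noise, recovers the key byte with classical correlation power analysis (CPA), then shows that first-order Boolean masking removes that leakage, and finally that a second-order attack, which combines the leakages of the two shares, recovers the key again. The S-box, the key byte 0x5A, the noise level and the trace counts are all constructed assumptions. Deep-learning attacks such as the one described above automate this kind of share recombination instead of relying on a hand-chosen combining function.

```python
"""Added toy model: Hamming-weight leakage, CPA, first-order Boolean masking,
and a second-order attack that defeats the masking.  Constructed simulation,
not the KTH attack and not Kyber code."""
import random

# Toy bijective S-box (a fixed random permutation); an assumption for
# illustration only, NOT the AES S-box and nothing taken from Kyber.
_sbox_rng = random.Random(2023)
SBOX = list(range(256))
_sbox_rng.shuffle(SBOX)


def hw(v):
    """Hamming weight: the classic model of what power/EM traces leak."""
    return bin(v).count("1")


HW_SBOX = [hw(v) for v in SBOX]  # attacker's prediction table


def pearson(xs, ys):
    """Pearson correlation of two equal-length sequences (no numpy needed)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return 0.0 if sxx == 0 or syy == 0 else sxy / (sxx * syy) ** 0.5


def unmasked_traces(key, n, sigma, rng):
    """Unprotected device: one sample per run, HW(S[x ^ key]) + noise."""
    xs, traces = [], []
    for _ in range(n):
        x = rng.randrange(256)
        xs.append(x)
        traces.append([HW_SBOX[x ^ key] + rng.gauss(0, sigma)])
    return xs, traces


def masked_traces(key, n, sigma, rng):
    """First-order Boolean masking: the sensitive value z = S[x ^ key] is never
    handled in the clear; the device only touches the shares (z ^ m, m) for a
    fresh random m, so each sample leaks one share.  (A real masked S-box
    computes the shares without ever forming z; only the leakage is modelled.)"""
    xs, traces = [], []
    for _ in range(n):
        x, m = rng.randrange(256), rng.randrange(256)
        z = SBOX[x ^ key]
        xs.append(x)
        traces.append([hw(z ^ m) + rng.gauss(0, sigma), hw(m) + rng.gauss(0, sigma)])
    return xs, traces


def first_order(traces):
    """Attack every sample point of the trace on its own."""
    return [list(col) for col in zip(*traces)]


def second_order(traces):
    """Centred product of the two share leakages.  For Boolean masking under a
    Hamming-weight model, E[(L1-4)(L2-4) | z] = 2 - HW(z)/2, so the product is
    (negatively) correlated with HW(z) although neither share alone is."""
    cols = [list(col) for col in zip(*traces)]
    m0, m1 = sum(cols[0]) / len(cols[0]), sum(cols[1]) / len(cols[1])
    return [[(a - m0) * (b - m1) for a, b in zip(cols[0], cols[1])]]


def cpa(xs, traces, combine):
    """Correlation power analysis: for each key guess, correlate the predicted
    HW(S[x ^ guess]) with the (combined) trace samples; the guess with the
    largest |correlation| wins.  Returns (best_guess, score_per_guess)."""
    samples = combine(traces)
    scores = {}
    for g in range(256):
        pred = [HW_SBOX[x ^ g] for x in xs]
        scores[g] = max(abs(pearson(col, pred)) for col in samples)
    return max(scores, key=scores.get), scores


def demo(key=0x5A, n=2000, sigma=1.0, seed=7):
    """Run the three experiments; returns {name: (recovered_key, |corr| of true key)}."""
    rng = random.Random(seed)
    xs, tr = unmasked_traces(key, n, sigma, rng)
    k1, s1 = cpa(xs, tr, first_order)
    xs, tr = masked_traces(key, n, sigma, rng)
    k2, s2 = cpa(xs, tr, first_order)   # masking: no first-order leakage
    k3, s3 = cpa(xs, tr, second_order)  # ...but the shares can be combined
    return {
        "unmasked_1st": (k1, s1[key]),
        "masked_1st": (k2, s2[key]),
        "masked_2nd": (k3, s3[key]),
    }


if __name__ == "__main__":
    for name, (k, c) in demo().items():
        print(f"{name:13s} recovered key 0x{k:02X}, |corr| of true key = {c:.3f}")
```

Running `demo()` shows the pattern the article is about: on the unmasked device the correct key byte has by far the highest correlation; on the masked device every first-order correlation for the correct key sits at noise level, so the countermeasure works against this attack; and the centred-product combination of the two share samples brings the correct key back to the top. Masking raises the order of statistics an attacker needs, it does not remove the information, which is why a model able to learn the combination itself is dangerous.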
