Visible to the public An Efficient Non-Profiled Side-Channel Attack on the CRYSTALS-Dilithium Post-Quantum Signature

TitleAn Efficient Non-Profiled Side-Channel Attack on the CRYSTALS-Dilithium Post-Quantum Signature
Publication TypeConference Paper
Year of Publication2021
AuthorsChen, Zhaohui, Karabulut, Emre, Aysu, Aydin, Ma, Yuan, Jing, Jiwu
Conference Name2021 IEEE 39th International Conference on Computer Design (ICCD)
Date Publishedoct
Keywordscomposability, compositionality, correlation power analysis, digital signature, hardware security, number theoretic transform, Post-quantum cryptography, Power measurement, pubcrawl, quantum computing, Quantum mechanics, Resistance, side-channel attacks, standardization, theoretical cryptography, Transforms
AbstractPost-quantum digital signature is a critical primitive of computer security in the era of quantum hegemony. As a finalist of the post-quantum cryptography standardization process, the theoretical security of the CRYSTALS-Dilithium (Dilithium) signature scheme has been quantified to withstand classical and quantum cryptanalysis. However, there is an inherent power side-channel information leakage in its implementation instance due to the physical characteristics of hardware.This work proposes an efficient non-profiled Correlation Power Analysis (CPA) strategy on Dilithium to recover the secret key by targeting the underlying polynomial multiplication arithmetic. We first develop a conservative scheme with a reduced key guess space, which can extract a secret key coefficient with a 99.99% confidence using 157 power traces of the reference Dilithium implementation. However, this scheme suffers from the computational overhead caused by the large modulus in Dilithium signature. To further accelerate the CPA run-time, we propose a fast two-stage scheme that selects a smaller search space and then resolves false positives. We finally construct a hybrid scheme that combines the advantages of both schemes. Real-world experiment on the power measurement data shows that our hybrid scheme improves the attack's execution time by 7.77x.
DOI10.1109/ICCD53106.2021.00094
Citation Keychen_efficient_2021