The emergence of quantum computers poses a serious threat to existing security standards, which motivates post-quantum cryptography (PQC) research. Various PQC schemes have been proposed for standardization, and their mathematical soundness is under investigation. Unfortunately, even a mathematically sound cryptographic scheme may be attacked at the implementation level. The primary research goal of this project is to develop secure implementations for lattice-based cryptosystems, a major class of PQC encryption proposals. This work specifically addresses the fundamental power and electromagnetic side-channel vulnerabilities of physical implementations, which may leak secret information through measurable physical quantities.
The intellectual merit of this project is a novel framework that employs instruction set extensions to compose side-channel protected software, which can provide comprehensive side-channel security. By contrast, research on side-channel analysis of lattice cryptosystems has so far been limited to point solutions that evaluate a single instance. The research tasks are to extract a set of common operations for lattice-based cryptosystems, to build side-channel resistant versions of these arithmetic computations, to use a side-channel aware compiler to re-compose the software from the protected instructions, and to evaluate and benchmark side-channel security and countermeasure overheads.
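As an added illustration of what a "side-channel resistant version of a common arithmetic computation" means in practice, the following Python example (written for this page; it is not the project's code and assumes nothing about its instruction set extensions or compiler) shows first-order arithmetic masking of the coefficient-wise operations that dominate lattice-based schemes: modular addition and multiplication by a public constant, combined into a masked butterfly. The secret is split into two random shares modulo q, each operation is applied share-wise, and a Hamming-weight leakage model checks that an individual share carries no linear correlation with the secret, whereas the unmasked value correlates perfectly. The modulus 3329 and the constructed leakage model are assumptions chosen for the demonstration.

```python
import random

Q = 3329  # example modulus (constructed for this demo; used by Kyber)

def mask(x, rng):
    """Split secret coefficient x into two shares (s0, s1) with s0 + s1 = x mod Q."""
    r = rng.randrange(Q)
    return ((x - r) % Q, r)

def unmask(shares):
    """Recombine shares; only done where the result may legitimately be exposed."""
    return sum(shares) % Q

def masked_add(a, b):
    """Share-wise addition: never recombines, so no intermediate equals the secret."""
    return ((a[0] + b[0]) % Q, (a[1] + b[1]) % Q)

def masked_sub(a, b):
    return ((a[0] - b[0]) % Q, (a[1] - b[1]) % Q)

def masked_mul_const(a, c):
    """Multiplication by a public constant (e.g. an NTT twiddle) is linear, so it
    distributes over the shares without any share interaction."""
    return ((a[0] * c) % Q, (a[1] * c) % Q)

def masked_butterfly(a, b, w):
    """Cooley-Tukey butterfly on masked inputs: returns masked (a + w*b, a - w*b)."""
    t = masked_mul_const(b, w)
    return masked_add(a, t), masked_sub(a, t)

def hamming_weight(v):
    return bin(v).count("1")

def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs) ** 0.5
    vy = sum((y - my) ** 2 for y in ys) ** 0.5
    return cov / (vx * vy)

def leakage_correlation(n=5000, seed=1):
    """Constructed Hamming-weight leakage model: correlate HW(secret) with
    HW(unmasked value) and with HW(one share). Returns (rho_unmasked, rho_share)."""
    rng = random.Random(seed)
    secrets = [rng.randrange(Q) for _ in range(n)]
    hw_secret = [hamming_weight(s) for s in secrets]
    hw_unmasked = [hamming_weight(s) for s in secrets]          # raw value leaks directly
    hw_share = [hamming_weight(mask(s, rng)[0]) for s in secrets]  # one share only
    return pearson(hw_secret, hw_unmasked), pearson(hw_secret, hw_share)

def check_correctness(seed=7, trials=200):
    """Verify masked arithmetic matches plain modular arithmetic on random inputs."""
    rng = random.Random(seed)
    for _ in range(trials):
        x, y, w = (rng.randrange(Q) for _ in range(3))
        hi, lo = masked_butterfly(mask(x, rng), mask(y, rng), w)
        if unmask(hi) != (x + w * y) % Q or unmask(lo) != (x - w * y) % Q:
            return False
    return True

if __name__ == "__main__":
    print("butterfly correct:", check_correctness())
    rho_plain, rho_share = leakage_correlation()
    print(f"HW correlation, unmasked: {rho_plain:.3f}  single share: {rho_share:.3f}")
```

Only the linear operations are shown because they are the easy case; multiplying two masked secrets together (as in a masked comparison or a non-linear sampler) requires a secure multiplication gadget with fresh randomness, and that is exactly where the overhead and the subtle leakage bugs that the project's evaluation task targets tend to appear.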
The broader impacts of the project include disseminating publications, distributing open-source hardware and software, and bridging the research on computer architectures and hardware security. This bridge is critical because secure computer architectures currently exclude physical side-channels from their threat model. This work may also help the ongoing quantum-secure encryption standardization effort led by the National Institute of Standards and Technology (NIST) by evaluating the submitted lattice-based proposals.
This project will use a repository with multiple backup servers to store and log the data, and the major results and hardware and software products will be made publicly available over the World Wide Web. Further information on the project repository will be made accessible at https://research.ece.ncsu.edu/aaysu/research.html. The repository is intended to be actively maintained for the duration of the project.