[New paper] Profiling Side-Channel Attacks on Dilithium: A Small Bit-Fiddling Leak Breaks It All


Vincent Ulitzsch

Feb 1, 2022, 6:35:23 PM
to pqc-forum
Dear all,

We would like to bring to your attention our recent paper:

"Profiling Side-Channel Attacks on Dilithium: A Small Bit-Fiddling Leak Breaks It All"

available on the IACR ePrint at the following address:

https://eprint.iacr.org/2022/106

To the best of our knowledge, this paper presents the first end-to-end side-channel key recovery attack on the reference implementation of Dilithium, on a Cortex M4 microcontroller. The attack leverages a small and noisy side-channel leak on the random "y" vector in the Dilithium signature generation to recover an equivalent signing key. While we target an unprotected implementation and our attack requires profiling, we stress that the approach is robust to noise in the side-channel leakage, and yields a concrete key recovery in practice. This underscores the necessity of applying countermeasures such as masking despite their significant performance cost, and brings the state-of-the-art as regards SCA on Dilithium in line with Falcon.

In the paper, we lay out the details of the profiling power side-channel attack: We show how to train machine-learning models that deduce information about the vector "y" from power traces of the signature generation. We then elevate this noisy leak into an (equivalent) key recovery using integer linear programming. This algorithmic decoding step is able to recover the secret key, even if the information retrieved about the vector "y" is partially incorrect. We validate the practicality of the attack and its robustness to measurement noise using a concrete key recovery experiment against the reference implementation of Dilithium, compiled for and executed on a Cortex M4 microcontroller.

Feel free to contact us for further details.

Best,

--
Soundes Marzougui,
Vincent Ulitzsch,
Mehdi Tibouchi,
Jean-Pierre Seifert
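The announcement above says that a leak on the nonce "y" alone is enough to recover the signing key; the following added toy example (not code from the paper or from the Dilithium reference implementation) shows why: in the signing equation z = y + c*s1, both z and c are public, so anyone who learns y is left with a linear system over Z_q whose unknown is the secret s1. It assumes constructed toy parameters (n = 8, q = 17 instead of n = 256, q = 8380417), single polynomials instead of vectors, an exact rather than noisy leak, and omits rejection sampling; the paper's integer-linear-programming step is what extends this idea to a partially incorrect y, and this linear dependence is exactly why y must be masked.

```python
# Toy model of the Dilithium signing equation z = y + c*s1 in the ring
# Z_q[x]/(x^n + 1). Constructed parameters n = 8, q = 17 (Dilithium uses
# n = 256, q = 8380417) and single polynomials instead of vectors.
N, Q = 8, 17

def ring_mul(a, b):
    """Negacyclic convolution: product in Z_q[x]/(x^n + 1)."""
    out = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            k = i + j
            if k < N:
                out[k] = (out[k] + ai * bj) % Q
            else:
                out[k - N] = (out[k - N] - ai * bj) % Q  # x^n = -1
    return out

def sign_toy(s1, y, c):
    """Core of Dilithium signing (rejection sampling omitted): z = y + c*s1."""
    return [(yi + ti) % Q for yi, ti in zip(y, ring_mul(c, s1))]

def recover_s1(z, c, y_leaked):
    """Solve c*s1 = z - y over Z_q (Gauss-Jordan); None if c is not invertible."""
    rhs = [(zi - yi) % Q for zi, yi in zip(z, y_leaked)]
    # Column j of the multiplication-by-c matrix is the polynomial c * x^j.
    cols = [ring_mul(c, [int(k == j) for k in range(N)]) for j in range(N)]
    rows = [[cols[j][i] for j in range(N)] + [rhs[i]] for i in range(N)]
    for col in range(N):
        piv = next((r for r in range(col, N) if rows[r][col]), None)
        if piv is None:
            return None  # singular: this challenge gives no unique solution
        rows[col], rows[piv] = rows[piv], rows[col]
        inv = pow(rows[col][col], -1, Q)
        rows[col] = [(v * inv) % Q for v in rows[col]]
        for r in range(N):
            if r != col and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(rv - f * pv) % Q for rv, pv in zip(rows[r], rows[col])]
    return [row[N] for row in rows]

# Constructed sample values: small secret s1, uniform nonce y, challenge c = 1 + x + x^2.
S1 = [1, Q - 1, 0, 2, Q - 2, 0, 1, 0]
Y = [3, 9, 14, 0, 7, 11, 5, 2]
C = [1, 1, 1, 0, 0, 0, 0, 0]

def demo():
    """Sign once, then recover s1 from the public (z, c) plus the leaked y."""
    z = sign_toy(S1, Y, C)
    return recover_s1(z, C, Y)
```

With a wrong guess for y the same system yields a different polynomial, which is the gap the paper's ILP decoding closes for noisy leaks.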