A Hardware-Friendly Shuffling Countermeasure Against Side-Channel Attacks for Kyber
- URL: http://arxiv.org/abs/2407.02452v3
- Date: Fri, 14 Feb 2025 02:49:19 GMT
- Title: A Hardware-Friendly Shuffling Countermeasure Against Side-Channel Attacks for Kyber
- Authors: Dejun Xu, Kai Wang, Jing Tian
- Abstract summary: CRYSTALS-Kyber has been standardized as the only key-encapsulation mechanism (KEM) scheme by NIST to withstand attacks by large-scale quantum computers.
We propose a secure and efficient hardware implementation for Kyber by incorporating a novel compact shuffling architecture.
- Score: 4.413722095749492
- License:
- Abstract: CRYSTALS-Kyber has been standardized as the only key-encapsulation mechanism (KEM) scheme by NIST to withstand attacks by large-scale quantum computers. However, side-channel attacks (SCAs) on its implementation still need to be carefully considered for the upcoming migration. In this brief, we propose a secure and efficient hardware implementation for Kyber by incorporating a novel compact shuffling architecture. First, we modify the Fisher-Yates shuffle to make it more hardware-friendly. We then design an optimized shuffling architecture for the well-known open-source Kyber hardware implementation to enhance the security of all known and potential side-channel leakage points. Finally, we implement the modified Kyber design on an FPGA and evaluate its security and performance. The security is verified by conducting correlation power analysis (CPA) and test vector leakage assessment (TVLA) on the hardware. Meanwhile, FPGA place-and-route results show that the proposed design incurs only 8.7% degradation in hardware efficiency compared with the original unprotected version, much better than existing hardware hiding schemes.
Related papers
- Application of $\alpha$-order Information Metrics for Secure Communication in Quantum Physical Layer Design [45.41082277680607]
We study the $\alpha$-order information-theoretic metrics based on Rényi entropy.
We apply our framework to a practical scenario involving BPSK modulation over a lossy bosonic channel.
arXiv Detail & Related papers (2025-02-07T03:44:11Z)
- Rudraksh: A compact and lightweight post-quantum key-encapsulation mechanism [5.002862916626837]
Resource-constrained devices such as wireless sensors and Internet of Things (IoT) devices have become ubiquitous in our digital ecosystem.
Due to the impending threat of quantum computers to our existing public-key cryptographic schemes and the limited resources available on IoT devices, it is important to have lightweight post-quantum cryptographic schemes suitable for these devices.
In this work, we explore the design space of learning-with-errors-based PQC schemes to design a lightweight key-encapsulation mechanism (KEM) suitable for resource-constrained devices.
arXiv Detail & Related papers (2025-01-23T16:16:23Z)
- Practical hybrid PQC-QKD protocols with enhanced security and performance [44.8840598334124]
We develop hybrid protocols by which QKD and PQC inter-operate within a joint quantum-classical network.
In particular, we consider different hybrid designs that may offer enhanced speed and/or security over the individual performance of either approach.
arXiv Detail & Related papers (2024-11-02T00:02:01Z)
- Designing Short-Stage CDC-XPUFs: Balancing Reliability, Cost, and Security in IoT Devices [2.28438857884398]
Physically Unclonable Functions (PUFs) generate unique cryptographic keys from inherent hardware variations.
Traditional PUFs like Arbiter PUFs (APUFs) and XOR Arbiter PUFs (XOR-PUFs) are susceptible to machine learning (ML) and reliability-based attacks.
We propose an optimized CDC-XPUF design that incorporates a pre-selection strategy to enhance reliability and introduces a novel lightweight architecture.
arXiv Detail & Related papers (2024-09-26T14:50:20Z)
- A Security Assessment tool for Quantum Threat Analysis [34.94301200620856]
The rapid advancement of quantum computing poses a significant threat to many current security algorithms used for secure communication, digital authentication, and information encryption.
A sufficiently powerful quantum computer could potentially exploit vulnerabilities in these algorithms, rendering data insecure in transit.
This work developed a quantum assessment tool for organizations, providing tailored recommendations for transitioning their security protocols into a post-quantum world.
arXiv Detail & Related papers (2024-07-18T13:58:34Z)
- Hardware-based stack buffer overflow attack detection on RISC-V architectures [42.170149806080204]
This work evaluates how well hardware-based approaches detect stack buffer overflow (SBO) attacks in RISC-V systems.
We conducted simulations on the PULP platform and examined micro-architecture events using semi-supervised anomaly detection techniques.
arXiv Detail & Related papers (2024-06-12T08:10:01Z)
- Efficient Fault Detection Architectures for Modular Exponentiation Targeting Cryptographic Applications Benchmarked on FPGAs [2.156170153103442]
We propose a lightweight fault detection architecture tailored for modular exponentiation.
Our approach achieves an error detection rate close to 100%, all while introducing a modest computational overhead of approximately 7%.
arXiv Detail & Related papers (2024-02-28T04:02:41Z)
- Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way to future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z)
- ScionFL: Efficient and Robust Secure Quantized Aggregation [36.668162197302365]
We introduce ScionFL, the first secure aggregation framework for federated learning.
It operates efficiently on quantized inputs and simultaneously provides robustness against malicious clients.
We show that with no overhead for clients and moderate overhead for the server, we obtain comparable accuracy for standard FL benchmarks.
arXiv Detail & Related papers (2022-10-13T21:46:55Z)
- Improved coherent one-way quantum key distribution for high-loss channels [0.0]
We present a simple variant of COW-QKD and prove its security in the infinite-key limit.
Remarkably, the resulting key rate of our protocol is comparable with both the existing upper bound on the COW-QKD key rate and the secure key rate of the coherent-state BB84 protocol.
arXiv Detail & Related papers (2022-06-17T00:07:03Z)
- Secure quantum key distribution with a subset of malicious devices [0.0]
Malicious manipulation of quantum key distribution (QKD) hardware is a serious threat to its security.
One possible approach to re-establish the security of QKD is to use a redundant number of devices.
We introduce an efficient distributed QKD post-processing protocol and prove its security in a variety of corruption models of the possibly malicious devices.
arXiv Detail & Related papers (2020-06-25T12:29:06Z)
This list is automatically generated from the titles and abstracts of the papers in this site.