Publications (10 of 144)
Wang, R., Ngo, K. & Dubrova, E. (2023). A Message Recovery Attack on LWE/LWR-Based PKE/KEMs Using Amplitude-Modulated EM Emanations. In: Lecture Notes in Computer Science. Paper presented at 25th Annual International Conference on Information Security and Cryptology (ICISC'22), Seoul, South Korea, November 30 – December 2, 2022 (pp. 450-471). Springer Nature, 13849
A Message Recovery Attack on LWE/LWR-Based PKE/KEMs Using Amplitude-Modulated EM Emanations
2023 (English). In: Lecture Notes in Computer Science, Springer Nature, 2023, Vol. 13849, p. 450-471. Conference paper, Published paper (Refereed)
Abstract [en]

Creating a good deep learning model is an art which requires expertise in deep learning and a large set of labeled data for training neural networks. Neither is readily available. In this paper, we introduce a method that enables us to recover messages of LWE/LWR-based PKE/KEMs using simple multilayer perceptron (MLP) models trained on a small dataset. The core idea is to extend the attack dataset so that at least one of its traces has the ground truth label towards which the models are biased. We demonstrate the effectiveness of the presented method on the examples of CRYSTALS-Kyber and Saber algorithms implemented in an ARM Cortex-M4 CPU on an nRF52832 system-on-chip supporting Bluetooth 5.2. We use amplitude-modulated EM emanations which are typically weaker and noisier than power or near-field EM side channels, and thus more difficult to exploit.

Place, publisher, year, edition, pages
Springer Nature, 2023
Keywords
Public-key cryptography, Post-quantum cryptography, CRYSTALS-Kyber, Saber, LWE/LWR-based KEM, Side-channel attack, EM analysis
National Category
Engineering and Technology
Identifiers
urn:nbn:se:kth:diva-324660 (URN), 10.1007/978-3-031-29371-9_22 (DOI), 000996634000022 (ISI), 2-s2.0-85152625186 (Scopus ID)
Conference
25th Annual International Conference on Information Security and Cryptology (ICISC'22), Seoul, South Korea, November 30 – December 2, 2022
Note

QC 20230328

Available from: 2023-03-09 Created: 2023-03-09 Last updated: 2023-06-21
Ji, Y., Wang, R., Ngo, K. & Dubrova, E. (2023). A Side-Channel Attack on a Hardware Implementation of CRYSTALS-Kyber. In: Proceedings of the 2023 IEEE European Test Symposium (ETS'23). Paper presented at 28th IEEE European Test Symposium, ETS 2023, Venice, Italy, 22 May - 26 May 2023. Institute of Electrical and Electronics Engineers Inc.
A Side-Channel Attack on a Hardware Implementation of CRYSTALS-Kyber
2023 (English). In: Proceedings of the 2023 IEEE European Test Symposium (ETS'23), Institute of Electrical and Electronics Engineers Inc., 2023. Conference paper, Published paper (Refereed)
Abstract [en]

CRYSTALS-Kyber has been recently selected by the NIST as a new public-key encryption and key-establishment algorithm to be standardized. This makes it important to assess how well CRYSTALS-Kyber implementations withstand side-channel attacks. Software implementations of CRYSTALS-Kyber have already been analyzed and the discovered vulnerabilities were patched in the subsequently released versions. In this paper, we present a profiling side-channel attack on a hardware implementation of CRYSTALS-Kyber. Since hardware implementations carry out computations in parallel, they are typically more difficult to break than their software counterparts. We demonstrate a successful message (session key) recovery attack on a Xilinx Artix-7 FPGA implementation of CRYSTALS-Kyber by deep learning-based power analysis. Our results indicate that currently available hardware implementations of CRYSTALS-Kyber need better protection against side-channel attacks.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc., 2023
Keywords
CRYSTALS-Kyber, deep learning, FPGA, LWE-based KEM, Post-quantum cryptography, power analysis, side-channel attack
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-324662 (URN), 10.1109/ETS56758.2023.10174000 (DOI), 001032757100017 (ISI), 2-s2.0-85166264680 (Scopus ID)
Conference
28th IEEE European Test Symposium, ETS 2023, Venice, Italy, 22 May - 26 May 2023
Note

QC 20230824

Available from: 2023-03-09 Created: 2023-03-09 Last updated: 2023-09-21. Bibliographically approved
Ji, Y. & Dubrova, E. (2023). A Side-Channel Attack on a Masked Hardware Implementation of CRYSTALS-Kyber. In: ASHES 2023 - Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security. Paper presented at 7th Workshop on Attacks and Solutions in Hardware Security, ASHES 2023, Copenhagen, Denmark, Nov 30 2023 (pp. 27-37). Association for Computing Machinery (ACM)
A Side-Channel Attack on a Masked Hardware Implementation of CRYSTALS-Kyber
2023 (English). In: ASHES 2023 - Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security, Association for Computing Machinery (ACM), 2023, p. 27-37. Conference paper, Published paper (Refereed)
Abstract [en]

NIST has recently selected CRYSTALS-Kyber as a new public key encryption and key establishment algorithm to be standardized. This makes it important to evaluate the resistance of CRYSTALS-Kyber implementations to side-channel attacks. Software implementations of CRYSTALS-Kyber have already been thoroughly analysed. The discovered vulnerabilities helped improve the subsequently released versions and promoted stronger countermeasures against side-channel attacks. In this paper, we present the first attack on a protected hardware implementation of CRYSTALS-Kyber. We demonstrate a practical message (shared key) recovery attack on the first-order masked FPGA implementation of Kyber-512 by Kamucheka et al. (2022) using power analysis based on the Hamming distance leakage model. The presented attack exploits a vulnerability located in the masked message decoding procedure which is called during the decryption step of the decapsulation. The message recovery is performed using a profiled deep learning-based method which extracts the message directly, without extracting each share explicitly. By repeating the same decapsulation process multiple times, it is possible to increase the success rate of full shared key recovery to 99%.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2023
Keywords
crystals-kyber, deep learning, lwe/lwr-based kem, post-quantum cryptography, public key cryptography, side-channel attack
National Category
Computer Engineering
Identifiers
urn:nbn:se:kth:diva-341613 (URN), 10.1145/3605769.3623992 (DOI), 001123130000005 (ISI), 2-s2.0-85179548865 (Scopus ID)
Conference
7th Workshop on Attacks and Solutions in Hardware Security, ASHES 2023, Copenhagen, Denmark, Nov 30 2023
Note

Part of proceedings ISBN 9798400702624

QC 20231228

Available from: 2023-12-28 Created: 2023-12-28 Last updated: 2024-01-22. Bibliographically approved
Moraitis, M., Brisfors, M., Dubrova, E., Lindskog, N. & Englund, H. (2023). A side-channel resistant implementation of AES combining clock randomization with duplication. In: ISCAS 2023: 56th IEEE International Symposium on Circuits and Systems, Proceedings. Paper presented at 56th IEEE International Symposium on Circuits and Systems, ISCAS 2023, Monterey, United States of America, May 21 2023 - May 25 2023. Institute of Electrical and Electronics Engineers (IEEE), 2023-May
A side-channel resistant implementation of AES combining clock randomization with duplication
2023 (English). In: ISCAS 2023: 56th IEEE International Symposium on Circuits and Systems, Proceedings, Institute of Electrical and Electronics Engineers (IEEE), 2023, Vol. 2023-May. Conference paper, Published paper (Refereed)
Abstract [en]

Deep learning transformed side-channel analysis and made many conventional countermeasures obsolete. This brings the need for more effective, deep learning-resistant defense mechanisms. We propose a method for protecting hardware implementations of cryptographic algorithms that combines clock randomization with duplication. The presented method ensures that the duplicated block generates algorithmic noise that is dependent on the input of the primary block and has a similar power profile. In addition, the duplicated block does not create any secret key-related leakage. We evaluate the presented method on the example of the Advanced Encryption Standard (AES) algorithm implemented in FPGA. Our experimental results show that the protected AES implementation is resistant to deep learning-based power analysis.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2023
Keywords
AES, clock randomization, countermeasure, deep learning, duplication, FPGA, power analysis, Side-channel attack
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-335052 (URN), 10.1109/ISCAS46773.2023.10181621 (DOI), 001038214601037 (ISI), 2-s2.0-85167684103 (Scopus ID)
Conference
56th IEEE International Symposium on Circuits and Systems, ISCAS 2023, Monterey, United States of America, May 21 2023 - May 25 2023
Note

Part of ISBN 9781665451093

QC 20230831

Available from: 2023-08-31 Created: 2023-08-31 Last updated: 2023-09-26. Bibliographically approved
Wang, R. & Dubrova, E. (2023). A Side-Channel Secret Key Recovery Attack on CRYSTALS-Kyber Using k Chosen Ciphertexts. In: Codes, Cryptology and Information Security - 4th International Conference, C2SI 2023, Proceedings. Paper presented at 4th International Conference on Codes, Cryptology and Information Security, C2SI 2023, Rabat, Morocco, May 29 2023 - May 31 2023 (pp. 109-128). Springer Nature
A Side-Channel Secret Key Recovery Attack on CRYSTALS-Kyber Using k Chosen Ciphertexts
2023 (English). In: Codes, Cryptology and Information Security - 4th International Conference, C2SI 2023, Proceedings, Springer Nature, 2023, p. 109-128. Conference paper, Published paper (Refereed)
Abstract [en]

At CHES'2021, a chosen ciphertext attack combined with belief propagation which can recover the long-term secret key of CRYSTALS-Kyber from side-channel information of the number theoretic transform (NTT) computations was presented. The attack requires k traces from the inverse NTT step of decryption, where k is the module rank, for a noise tolerance in the Hamming weight (HW) leakage on simulated data. In this paper, we present an attack which can recover the secret key of CRYSTALS-Kyber from k chosen ciphertexts using side-channel information of the Barrett reduction and message decoding steps of decryption, for. The key novel idea is to create a unique mapping between the secret key coefficients and multiple intermediate variables of these procedures. The redundancy in the mapping patterns enables us to detect errors in the secret key coefficients recovered from side-channel information. We demonstrate the attack on the example of a software implementation of Kyber-768 in an ARM Cortex-M4 CPU using deep learning-based power analysis.

Place, publisher, year, edition, pages
Springer Nature, 2023
Series
Lecture Notes in Computer Science ; 13874
Keywords
CRYSTALS-Kyber, post-quantum cryptography, Public-key cryptography, side-channel attack
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-338631 (URN), 10.1007/978-3-031-33017-9_7 (DOI), 2-s2.0-85161187505 (Scopus ID)
Conference
4th International Conference on Codes, Cryptology and Information Security, C2SI 2023, Rabat, Morocco, May 29 2023 - May 31 2023
Note

Part of ISBN 9783031330162

QC 20231102

Available from: 2023-11-02 Created: 2023-11-02 Last updated: 2023-11-02. Bibliographically approved
Dubrova, E., Ngo, K., Gärtner, J. & Wang, R. (2023). Breaking a Fifth-Order Masked Implementation of CRYSTALS-Kyber by Copy-Paste. In: PROCEEDINGS OF THE 10TH ACM ASIA PUBLIC-KEY CRYPTOGRAPHY WORKSHOP, APKC 2023. Paper presented at 10th ACM Asia Public-Key Cryptography Workshop (APKC), JUL 10, 2023, Melbourne, AUSTRALIA (pp. 10-20). Association for Computing Machinery (ACM)
Breaking a Fifth-Order Masked Implementation of CRYSTALS-Kyber by Copy-Paste
2023 (English). In: PROCEEDINGS OF THE 10TH ACM ASIA PUBLIC-KEY CRYPTOGRAPHY WORKSHOP, APKC 2023, Association for Computing Machinery (ACM), 2023, p. 10-20. Conference paper, Published paper (Refereed)
Abstract [en]

CRYSTALS-Kyber has been selected by the NIST as a public-key encryption and key encapsulation mechanism to be standardized. It is also included in the NSA's suite of cryptographic algorithms recommended for national security systems. This makes it important to evaluate the resistance of CRYSTALS-Kyber's implementations to side-channel attacks. The unprotected and first-order masked software implementations have already been analysed. In this paper, we present deep learning-based message recovery attacks on the ω-order masked implementations of CRYSTALS-Kyber in an ARM Cortex-M4 CPU for ω ≤ 5. The main contribution is a new neural network training method called recursive learning. In the attack on an ω-order masked implementation, we start training from an artificially constructed neural network M_ω whose weights are partly copied from a model M_{ω−1} trained on the (ω − 1)-order masked implementation, and then extended to one more share. Such a method allows us to train neural networks that can recover a message bit with the probability above 99% from high-order masked implementations.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2023
Keywords
Post-quantum cryptography, CRYSTALS-Kyber, side-channel attack, power analysis, deep learning
National Category
Embedded Systems
Identifiers
urn:nbn:se:kth:diva-334684 (URN), 10.1145/3591866.3593072 (DOI), 001032553600002 (ISI), 2-s2.0-85168319470 (Scopus ID)
Conference
10th ACM Asia Public-Key Cryptography Workshop (APKC), JUL 10, 2023, Melbourne, AUSTRALIA
Note

QC 20231123

Available from: 2023-08-24 Created: 2023-08-24 Last updated: 2023-11-23. Bibliographically approved
Brisfors, M., Moraitis, M. & Dubrova, E. (2023). Do Not Rely on Clock Randomization: A Side-Channel Attack on a Protected Hardware Implementation of AES. In: Jourdan, G.V., Mounier, L., Adams, C., Sedes, F., Garcia-Alfaro, J. (Eds.), FPS 2022: Foundations and Practice of Security. Paper presented at 15th International Symposium on Foundations and Practice of Security (FPS), DEC 12-14, 2022, Univ Ottawa, Ottawa, CANADA (pp. 38-53). Springer Nature, 13877
Do Not Rely on Clock Randomization: A Side-Channel Attack on a Protected Hardware Implementation of AES
2023 (English). In: FPS 2022: Foundations and Practice of Security / [ed] Jourdan, G.V., Mounier, L., Adams, C., Sedes, F., Garcia-Alfaro, J., Springer Nature, 2023, Vol. 13877, p. 38-53. Conference paper, Published paper (Refereed)
Abstract [en]

Clock randomization is one of the oldest countermeasures against side-channel attacks. Various implementations have been presented in the past, along with positive security evaluations. However, in this paper we show that it is possible to break countermeasures based on a randomized clock by sampling side-channel measurements at a frequency much higher than the encryption clock, synchronizing the traces with pre-processing, and targeting the beginning of the encryption. We demonstrate a deep learning-based side-channel attack on a protected FPGA implementation of AES which can recover a subkey from less than 500 power traces. In contrast to previous attacks on FPGA implementations of AES which targeted the last round, the presented attack uses the first round as the attack point. Any randomized clock countermeasure is significantly weakened by an attack on the first round because the effect of randomness accumulated over multiple encryption rounds is lost.

Place, publisher, year, edition, pages
Springer Nature, 2023
Series
Lecture Notes in Computer Science, ISSN 0302-9743
Keywords
Side-channel attack, Random Execution Time, Randomized Clock, Countermeasure, Oversampling, Deep Learning, FPGA, AES, Correlation Power Analysis
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-330516 (URN), 10.1007/978-3-031-30122-3_3 (DOI), 000999884200003 (ISI), 2-s2.0-85152529972 (Scopus ID)
Conference
15th International Symposium on Foundations and Practice of Security (FPS), DEC 12-14, 2022, Univ Ottawa, Ottawa, CANADA
Note

QC 20230630

Available from: 2023-06-30 Created: 2023-06-30 Last updated: 2023-06-30. Bibliographically approved
Ngo, K., Wang, R., Dubrova, E. & Paulsrud, N. (2023). Higher-Order Boolean Masking Does Not Prevent Side-Channel Attacks on LWE/LWR-based PKE/KEMs. In: Proceedings: 2023 IEEE 53rd International Symposium on Multiple-Valued Logic, ISMVL 2023. Paper presented at 53rd IEEE International Symposium on Multiple-Valued Logic, ISMVL 2023, Matsue, Shimane, Japan, May 22 2023 - May 24 2023 (pp. 190-195). Institute of Electrical and Electronics Engineers (IEEE)
Higher-Order Boolean Masking Does Not Prevent Side-Channel Attacks on LWE/LWR-based PKE/KEMs
2023 (English). In: Proceedings: 2023 IEEE 53rd International Symposium on Multiple-Valued Logic, ISMVL 2023, Institute of Electrical and Electronics Engineers (IEEE), 2023, p. 190-195. Conference paper, Published paper (Refereed)
Abstract [en]

Public-key cryptographic schemes currently in use depend on the intractability of certain mathematical problems such as integer factorization or the discrete logarithm. However, Shor's algorithm can solve these problems in polynomial time if large-scale quantum computers become available. This will compromise the security of today's public-key cryptosystems. To address this issue, new public-key cryptographic primitives are being developed. One of them is Saber, whose security relies on the Learning With Rounding (LWR) problem that is believed to be hard for quantum computers. The resistance of unprotected and first-order masked implementations of Saber to side-channel attacks has already been investigated. In this paper, we demonstrate the first successful message and secret key recovery attacks on the second- and third-order masked implementations of Saber in an ARM Cortex-M4 CPU by deep learning-based power analysis. Our experimental results show that currently available software implementations of Saber need better protection.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2023
Keywords
LWE/LWR-based PKE/KEM, post-quantum cryptography, power analysis, Public-key cryptography, Saber, side-channel attack
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-324661 (URN), 10.1109/ISMVL57333.2023.00044 (DOI), 2-s2.0-85164621205 (Scopus ID)
Conference
53rd IEEE International Symposium on Multiple-Valued Logic, ISMVL 2023, Matsue, Shimane, Japan, May 22 2023 - May 24 2023
Note

Part of ISBN 9781665464161

QC 20230925

Available from: 2023-03-09 Created: 2023-03-09 Last updated: 2023-09-25. Bibliographically approved
Aknesil, C., Dubrova, E., Lindskog, N. & Englund, H. (2023). Is your FPGA transmitting secrets: covert antennas from interconnect. In: 2023 IEEE International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2023. Paper presented at 2023 IEEE International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2023, May 15 2023 - May 19, 2023, St. Petersburg, United States of America (pp. 79-84). Institute of Electrical and Electronics Engineers (IEEE)
Is your FPGA transmitting secrets: covert antennas from interconnect
2023 (English). In: 2023 IEEE International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2023, Institute of Electrical and Electronics Engineers (IEEE), 2023, p. 79-84. Conference paper, Published paper (Refereed)
Abstract [en]

A hidden transmitter embedded into a chip to extract secret information is a well-known type of hardware Trojan. Various ways of implementing covert channels have been proposed in the past. The focus of this paper is covert antennas created from the FPGA interconnect. We present several on-chip antenna implementations that leverage the routing resources of FPGAs. The proposed antennas can transmit data processed by the FPGA with bit-level precision. A near-field probe is used to capture the radiated signal and the transmitted data is restored with 100% accuracy. Our results suggest that introducing a routine screening process for covert antennas in FPGA designs, similar to the one performed for ring oscillators, would be of benefit for FPGA security.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2023
Keywords
cloud security, covert antenna, FPGA, hardware Trojan, radio access networks, side-channel attacks
National Category
Telecommunications
Identifiers
urn:nbn:se:kth:diva-336743 (URN), 10.1109/IPDPSW59300.2023.00025 (DOI), 001055030700010 (ISI), 2-s2.0-85169292470 (Scopus ID)
Conference
2023 IEEE International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2023, May 15 2023 - May 19, 2023, St. Petersburg, United States of America
Note

Part of ISBN 9798350311990

QC 20230919

Available from: 2023-09-19 Created: 2023-09-19 Last updated: 2023-10-02. Bibliographically approved
Backlund, L., Ngo, K., Gärtner, J. & Dubrova, E. (2023). Secret Key Recovery Attack on Masked and Shuffled Implementations of CRYSTALS-Kyber and Saber. In: Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings. Paper presented at 21st International Conference on Applied Cryptography and Network Security, ACNS 2023, Kyoto, Japan, Jun 19 2023 - Jun 22 2023 (pp. 159-177). Springer Nature
Secret Key Recovery Attack on Masked and Shuffled Implementations of CRYSTALS-Kyber and Saber
2023 (English). In: Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings, Springer Nature, 2023, p. 159-177. Conference paper, Published paper (Refereed)
Abstract [en]

Shuffling is a well-known countermeasure against side-channel attacks. It typically uses the Fisher-Yates (FY) algorithm to generate a random permutation which is then utilized as the loop iterator to index the processing of the variables inside the loop. The processing order is scrambled as a result, making side-channel attacks more difficult. Recently, a side-channel attack on a masked and shuffled implementation of Saber requiring 61,680 power traces to extract the long-term secret key was reported. In this paper, we present an attack that can recover the long-term secret key of Saber from 4,608 traces. The key idea behind the 13-fold improvement is to recover FY indexes directly, rather than by extracting the message Hamming weight and bit flipping, as in the previous attack. We capture a power trace during the execution of the decryption algorithm for a given ciphertext, recover FY indexes 0 and 255, and extract the corresponding two message bits. Then, we modify the ciphertext to cyclically rotate the message, capture a power trace, and extract the next two message bits with FY indexes 0 and 255. In this way, all message bits can be extracted. By recovering messages contained in k · l chosen ciphertexts constructed using a new method based on error-correcting codes of length l, where k is the module rank, we recover the long-term secret key. To demonstrate the generality of the presented approach, we also recover the secret key from a masked and shuffled implementation of CRYSTALS-Kyber, which NIST recently selected as a new public-key encryption and key-establishment algorithm to be standardized.

Place, publisher, year, edition, pages
Springer Nature, 2023
Keywords
CRYSTALS-Kyber, Post-quantum cryptography, Power analysis, Public-key cryptography, Saber, Side-channel attack
National Category
Signal Processing
Identifiers
urn:nbn:se:kth:diva-339267 (URN), 10.1007/978-3-031-41181-6_9 (DOI), 2-s2.0-85174450161 (Scopus ID)
Conference
21st International Conference on Applied Cryptography and Network Security, ACNS 2023, Kyoto, Japan, Jun 19 2023 - Jun 22 2023
Note

Part of ISBN 9783031411809

QC 20231106

Available from: 2023-11-06 Created: 2023-11-06 Last updated: 2023-11-06. Bibliographically approved
Identifiers
ORCID iD: orcid.org/0000-0001-7382-9408